Peter Edwards <[EMAIL PROTECTED]>:

> Is there any documentation or example code how to program SSL_* operations for 
> non-blocking sockets (other than the documentation of error returns)?
> 
> In particular, how do I determine after a SSL_read, whether there is more 
> incoming data already buffered? With openssl-0.9.4 I found I could use 
> 'ssl->s3->rrec.length', but that does not appear to be the case with 0.9.5.

Why don't you just repeat the call to SSL_read to see if any more data
is available?  This obviously may receive more data from the network
rather than just look at buffers, but that should usually not be a
problem.

Looking at ssl->s3->rrec.length should still work.  You should never
have done so, though; use SSL_pending(ssl) instead.  (This will
just return ssl->s3->rrec.length for SSL3/TLS1 connections, but
that's an implementation detail; SSL_pending is part of the API.)

A problem that persists is that rrec.length may be of a type other
than application data: rrec may contain handshake data.  Under
rather bizarre circumstances, the SSL client or server may try to
_send_ data and report SSL_ERROR_WANT_WRITE when you try SSL_read()
after checking that SSL_pending returns a positive number.  And, on
the other hand, if readahead is enabled, there may be data buffered in
lower-level buffers that SSL_pending does not even look at.

I am not sure if SSL_pending has any useful purpose.  (It's used in
s_client and s_server, but that's because those programs use
blocking I/O for full-duplex application data, which means they
are broken anyway.)
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
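The behaviour discussed in the message above, as an added example that is not part of the original post: Python's ssl module wraps OpenSSL, with `SSLObject.pending()` calling SSL_pending and `SSLWantReadError` corresponding to SSL_ERROR_WANT_READ. It shows pending() returning 0 while whole records sit undecrypted in the transport, and a loop that simply repeats the read until the library asks for more input. The in-memory BIO pair, the sample messages and the anonymous cipher (chosen only so the demo needs no certificate) are constructed for the demo.

```python
import ssl

def endpoint(server):
    # Test rig only: anonymous ECDH at TLS 1.2 so no certificate is needed.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER if server else ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("AECDH-AES128-SHA:@SECLEVEL=0")
    inc, out = ssl.MemoryBIO(), ssl.MemoryBIO()
    return ctx.wrap_bio(inc, out, server_side=server), inc, out

def handshake(cli, srv):
    # Shuttle handshake records between the two in-memory endpoints.
    ends, done = ((cli, srv), (srv, cli)), [False, False]
    while not all(done):
        for i, ((obj, _, out), (_, peer_in, _)) in enumerate(ends):
            if not done[i]:
                try:
                    obj.do_handshake()
                    done[i] = True
                except ssl.SSLWantReadError:
                    pass
            data = out.read()
            if data:
                peer_in.write(data)

def drain(obj, chunk=4):
    """Repeat read() until the library says it needs more input."""
    got = bytearray()
    while True:
        try:
            data = obj.read(chunk)
        except ssl.SSLWantReadError:  # a real socket may also raise SSLWantWriteError
            return bytes(got)
        if not data:                  # peer closed the TLS session
            return bytes(got)
        got += data

def demo():
    cli, srv = endpoint(False), endpoint(True)
    handshake(cli, srv)
    for msg in (b"0123456789", b"abcdef", b"XYZ"):  # constructed sample records
        srv[0].write(msg)
    cli[1].write(srv[2].read())   # all three records arrive at once
    before = cli[0].pending()     # records still undecrypted in the BIO
    first = cli[0].read(4)
    after = cli[0].pending()      # remainder of the one decrypted record
    return before, first, after, drain(cli[0])
```
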
