Re: What does SSL_pending() do? Where does handshaking occur?

Tue, 25 Jul 2000 13:58:36 -0700 

On Tue, Jul 25, 2000 at 04:33:31PM -0400, David B wrote:
> Going through the s_client.c example, I cannot find the section in which 
> SSL handshaking occurs. The larger question is, in which call does OpenSSL 
> take care of pending business?

The handshake is embedded in the ssl-library. Since it is necessary to
allow re-negotiations at all times, the handshaking may take place at any
read or write operation. Of course, you can implicitely trigger it by using
SSL_connect() (after which you have the opportunity to check the state and
log the cipher, certificate data etc to your protocol), but it is not
necessary.
SSL_set_connect_state() at s_client.c:433 tells the library to initiate
the connect-handshake with the next SSL-operation.

> I would assume that the SSL_pending() call is responsible for returning 
> true if SSL is in the middle of an operation that would otherwise block. 
> Does it do this? Does it also handle these tasks? Otherwise, where do the 
> handshaking and presumably other interim SSL tasks occur?
SSL_pending() should tell you whether there are data left inside the SSL-
buffers.
For non-blocking sockets you should however better use another technique,
that has been discussed several times on this list:
* Call the SSL-operation you want to perform
* Get the return code and hand it to SSL_get_error() yielding an error code
* If this error code is SSL_ERROR_NONE, the operation is finished.
  If the code is SSL_WANT_READ/WRITE, you must obviously repeat the
  SSL-operation until SSL_ERROR_NONE (or a real error) results.

Best regards,
        Lutz
PS. Send as personal copy, since the mailing list seems to be a bit
flaky today.
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to