On Thu, Sep 07, 2000 at 08:53:47PM -0700, David Schwartz wrote:
> It seems to be working now. It just seems that I need to keep churning the
> SSL engine more than once, even if both BIO_read functions return -1. Go
> figure.
During the SSL handshake (which always occurs when the connection is
new, and which may be repeated later), data must be sent in both
directions a couple of times. So no application data will be
transported at first, but there should either be protocol data at
bio_io that must be sent over the network, or the SSL engine may need
to receive data via bio_io in order to continue.
You can check BIO_ctrl_get_read_request(bio_io) to test whether the
SSL engine tried to read something, and you can use
BIO_ctrl_pending(bio_io) to test whether there is data that
has to be sent over the network.
You also can check BIO_should_read(ssl_bio) to see if the SSL engine
tried to read data from the network; however note that the similar
test BIO_should_write(ssl_bio) often will return 0 even when there
is still data that has to be transferred over the network --
the return value 0 just means that there was enough space
in the buffer inside the BIO pair. So it's better to use
BIO_ctrl_get_read_request and BIO_ctrl_pending to see what
I/O operations have to be done, and then call BIO_read(ssl_bio, ...)
or BIO_write(ssl_bio, ...) again if BIO_should_retry(ssl_bio)
returns true, and repeat the process until BIO_should_retry
finally returns 0.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
