With Unix nonblocking sockets, the only way to detect that the
connection has shut down is to check for a zero return from read
after poll or select says the socket is ready for reading.
(Read will cheerfully return zero at any time if you call it
again after a fully successful read(), so only the first read()
after poll() should be checked. If you don't believe me, try it.)
Given that, let's look at how OpenSSL detects EOF:
int SSL_get_error(SSL *s,int i)
{
...
if (i == 0) {
if (s->version == SSL2_VERSION) {
/* assume it is the socket being closed */
return(SSL_ERROR_ZERO_RETURN);
} else {
if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
return(SSL_ERROR_ZERO_RETURN);
}
}
return(SSL_ERROR_SYSCALL);
}
Hrmf. Looks like SSL_get_error will return SSL_ERROR_ZERO_RETURN
or SSL_ERROR_SYSCALL on any zero read. When using SSLV3 or TLS,
OpenSSL seems to have a case where it won't tell you about
zero returns from read(), which is confusing.
And since the user has no idea when OpenSSL is calling read(),
and there's no way to tell OpenSSL what poll() said,
*there is no way to properly detect EOF with nonblocking
sockets in OpenSSL when using SSL_set_fd() / bss_sock.c *.
I'm starting to think that you *must* do the read() yourself
into a buffer, and use a memory BIO of some sort. Otherwise
you have too little control over hard EOF detection.
Somebody tell me how I'm wrong, please... I almost certainly haven't
looked into this enough to know what I'm talking about.
Thanks,
Dan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
