> Yes, I think I understand what you are saying. If I get a WANT_READ from a
> call to SSL_write, that means I need to read some data before I can send.

Not quite, it means the OpenSSL engine must read some data (from the socket) before you can perform the 'write' logical operation on the connection state machine.

> But like you said, there may not be any data to read since the other end may
> not have sent anything.

There may not be any application data, but there should be data sent over the SSL connection.

> But I think my problem was that I was thinking in terms of application data.
> What I failed to realize was that there may not be any application data to
> read, but if the other end is a valid ssl client, there should have been some
> ssl protocol data that was sent, that my end needs to read before my call to
> SSL_write will succeed. Does that sound right?

If by "your end", you mean your end of the SSL connection, yes. If by "your end", you mean the application, no. The purpose of the SSL_read function is to read application data from the SSL connection state machine. You should call it if and only if that is what you want to do.

> And since an SSL_read may write as well as read, and SSL_write may read as
> well as write, then either of these calls would read the required protocol
> data such that a retry of the call that resulted in the error should now
> succeed.

There you go. Since you're using socket BIOs, the state machine will access the socket when it needs to, so you just need to retry the operation later. If you want, you can use 'select' to tell when it's enough later.

> So even though my call to SSL_write resulted in the WANT_READ error, if my
> read thread happened to do an SSL_read first, it still would have read the
> protocol data, and my retry of SSL_write should succeed. Am I right?
> Close? Way off?

If either an SSL_write or an SSL_read results in a WANT_READ error, it means that neither call can progress until some data is read from the socket. You can retry the operation later, try another operation, or whatever you want to do.

You can take the hint that 'select'ing on the socket for readability will likely tell you when the operation is going to succeed.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
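The retry-after-select pattern discussed in this thread, as an added example that is not part of the original message. It uses Python's `ssl` module (a wrapper around OpenSSL) rather than the C API, where `SSLWantReadError` and `SSLWantWriteError` correspond to the WANT_READ and WANT_WRITE results; `send_with_retry`, `demo` and the host name `peer.example` are hypothetical names, and the silent peer is a constructed scenario.

```python
import select
import socket
import ssl
import time


def send_with_retry(tls, data, timeout):
    """Send data on a non-blocking SSLSocket, waiting as the TLS engine asks."""
    deadline = time.monotonic() + timeout
    while True:
        try:
            return tls.send(data)          # same buffer on every retry
        except ssl.SSLWantReadError:       # WANT_READ
            rlist, wlist = [tls], []       # engine needs TLS records from peer
        except ssl.SSLWantWriteError:      # WANT_WRITE
            rlist, wlist = [], [tls]       # socket send buffer is full
        remaining = deadline - time.monotonic()
        if remaining <= 0 or not any(select.select(rlist, wlist, [], remaining)):
            raise TimeoutError("socket never became ready for the TLS engine")


def demo():
    """Constructed scenario: the peer is connected but never speaks TLS."""
    client_raw, peer = socket.socketpair()
    client_raw.setblocking(False)
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    tls = ctx.wrap_socket(client_raw, server_hostname="peer.example",
                          do_handshake_on_connect=False)
    result = {}
    try:
        tls.send(b"hello")                 # starts the handshake implicitly
        result["first_write"] = "sent"
    except ssl.SSLWantReadError:
        result["first_write"] = "want_read"
    peer.settimeout(2)
    # The failed write still put a TLS handshake record (type 0x16) on the wire.
    result["peer_got_handshake_record"] = peer.recv(1) == b"\x16"
    try:
        send_with_retry(tls, b"hello", timeout=0.2)
        result["retry"] = "sent"
    except TimeoutError:
        result["retry"] = "timeout"
    tls.close()
    peer.close()
    return result


if __name__ == "__main__":
    print(demo())
```

The first write reports a need to read even though the application has nothing to receive: the engine has sent its handshake record and is waiting for protocol data from the peer, which is why waiting on readability is the right hint.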