> I'm a little unclear on how this should be implemented.. so if I call
> SSL_read, get -1 back, and err = SSL_ERROR_WANT_READ, do I just call
> SSL_read again?

        No. That error is telling you that you need to wait until the socket is
(again) readable.

> Because that's what I've been doing and it ends up
> in an infinite loop.  Also, if err = SSL_ERROR_WANT_WRITE, but I have
> no data to write (because I'm waiting to see what the server sends me
> before replying), what should I write in my call to SSL_write?

        You should not call SSL_write, you should call SSL_read again when the
socket becomes writable.

        The SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE indications are telling
you that the SSL engine cannot make forward progress on the operation you
are attempting because it needs to read or write data that it cannot do
without blocking and you asked it not to block. If you get
SSL_ERROR_WANT_READ, you should retry the operation you are currently trying
when the socket becomes readable. If you get SSL_ERROR_WANT_WRITE, you
should retry the operation you are currently trying when the socket becomes
writable.

        As a simplification, with only a minor performance hit, you can treat
*any* socket indication (whether readable or writable) as allowing you to
retry *any* pending operations (whether SSL_read or SSL_write). This lets you
treat any of the WANT indications as basically just 'would block try later'.

        Just remember that 'SSL_ERROR_WANT_WRITE' means you need to select on
the socket for writing even if you weren't before!

        DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
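
The retry rule from the reply above, as an added example that is not part of the original message: the same pending operation is retried after waiting for the direction it asked for. The names `op_status`, `run_pending_op`, `fake_ssl_read` and `demo` are hypothetical; `fake_ssl_read` is a constructed stand-in for a wrapper around a non-blocking SSL_read() and SSL_get_error(), so the block runs without a TLS peer.

```c
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Stand-ins for what SSL_get_error() reports after SSL_read()/SSL_write(). */
enum op_status { OP_DONE, OP_WANT_READ, OP_WANT_WRITE, OP_FAILED };
typedef enum op_status (*op_fn)(void *ctx);  /* one attempt at the pending call */

/* Retry the SAME operation, sleeping until the socket is ready in the
   direction it asked for. Returns 0 on completion, -1 on failure or timeout. */
int run_pending_op(int fd, op_fn op, void *ctx, int timeout_ms)
{
    for (;;) {
        struct pollfd pfd = { .fd = fd };
        switch (op(ctx)) {
        case OP_DONE:       return 0;
        case OP_WANT_READ:  pfd.events = POLLIN;  break;
        case OP_WANT_WRITE: pfd.events = POLLOUT; break; /* even for a read */
        default:            return -1;
        }
        int n;
        do { n = poll(&pfd, 1, timeout_ms); } while (n < 0 && errno == EINTR);
        if (n <= 0 || (pfd.revents & POLLNVAL)) return -1;
    }
}

/* Constructed stand-in for a non-blocking SSL_read(): the first attempt needs
   to send (as during a handshake), later attempts need inbound data. */
struct fake_read { int fd; int attempts; char buf[16]; ssize_t got; };

enum op_status fake_ssl_read(void *ctx)
{
    struct fake_read *r = ctx;
    if (r->attempts++ == 0) return OP_WANT_WRITE;
    r->got = recv(r->fd, r->buf, sizeof r->buf, MSG_DONTWAIT);
    if (r->got > 0) return OP_DONE;
    if (r->got < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) return OP_WANT_READ;
    return OP_FAILED;
}

/* Runs the fake read over a socketpair; returns run_pending_op()'s result. */
int demo(int send_first, struct fake_read *r)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -2;
    if (send_first && write(sv[1], "hello", 5) != 5) return -2;
    r->fd = sv[0]; r->attempts = 0; r->got = 0;
    int rc = run_pending_op(sv[0], fake_ssl_read, r, 200);
    close(sv[0]); close(sv[1]);
    return rc;
}
```

With data already sent by the peer the read completes on its second attempt; with no data the loop sleeps in poll() and times out instead of spinning.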
