Apologies if this was already responded to: > Or if I put it in another way, if SSL_read() returns, > SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE (from SSL_get_error()) > on the socket "fd" then, can I send data on the same socket using > SSL_write() ? (Provided, both read and write operations on the > "fd" are handled by same thread always.)
Yes. There is really only one caveat: Suppose SSL_write returns 'SSL_ERROR_WANT_READ' and you subsequently call SSL_read. No matter what happens in that SSL_read call, you must not then block in select before retrying the SSL_write. In other words, you can't allow this to happen: 1) SSL_write blocks because negotiation data needs to be read. You get a WANT_READ. 2) The protocol data arrives on the socket just as you call SSL_read. It fails because there is no application data but does read the protocol data, you get a WANT_READ. 3) You call 'select' looking for data to be available for reading and don't call 'SSL_write' until you get that data, but you never will because the SSL_read got the data SSL_write was waiting for even though it returned WANT_READ. So you must be very careful of deadlock. If SSL_read returns WANT_READ, that does *not* mean that it made no forward progress! DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
