Hi!

> > Here is one code example where I'm reading a 10-byte block of data
> > (always 10 bytes, not less):
> >
> >      bufptr = (u_char *)&wh;
> >      for (nread = 0; nread < sizeof(wh); nread += ret) {
> >          ret = SSL_read(ssl,bufptr+nread,sizeof(wh)-nread);
> >          if (ret <= 0)
> >              break;
> >      }
> 
> You are 100% sure sizeof(wh)==10? Do you check to be sure nread==10 after
> this block? If it isn't, and you move on to the next chunk, you'll cause

Yes, I just verified that the structure is 10 bytes on linux/x86,
sparcv9, and win32.

> exactly this problem. Is SSL_MODE_AUTO_RETRY set? (I'm assuming the
> intention is for SSL_read to block until the session can be established
> right?)

I have not set that flag.  I'm using blocking sockets.  My intent is
to read the 10-byte "wire header" to get control information, including
the length of the pdu.  Then, I read the pdu as per the size in the wire
header.

At the point that I'm reading the wire header block of ten bytes, the
SSL session has already been established and certs have already been
evaluated.

> >      strncpy(msgLenStr,wh.msgLenStr,10);
> >      msgLenStr[10] = 0;
> >      msgLen = atoi(msgLenStr);
> 
> This looks fine, though it's terribly inefficient. (I hope you don't
> particularly care about performance.)

Everyone's a critic!  But seriously, I'm not too worried about
performance especially given that SSL will act as a very effective
flow-control mechanism or leaky bucket.  I typically go and optimize
after I get something running correctly.

I'll go test your suggested assertions on the pdu reading code but it's
essentially similar to the above.

Pretty much, every field that I access in the PDU (as well as the wire
header) causes valgrind errors.  I'm perplexed.

Thanks for your suggestions,

Bobby

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
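
An added example, not code from this thread or from OpenSSL: the check discussed above, where the 10-byte wire header must be read in full before any field is used (a short read leaves part of the buffer unset) and the length field is validated before the PDU is read. The `read_fn` callback stands in for `SSL_read` so the block runs without a TLS connection; the 2+8 byte header layout, `read_full`, `parse_len`, `read_pdu` and the byte-at-a-time reader are assumptions for illustration.

```c
#include <stddef.h>
enum { HDR_LEN = 10, LEN_OFF = 2, LEN_WIDTH = 8 }; /* LEN_* layout is assumed */
typedef int (*read_fn)(void *ctx, void *buf, int num); /* SSL_read's shape */

/* Read exactly len bytes. rd returns >0 bytes read or <=0 on error/EOF, as
 * SSL_read does; on -1 the buffer is only partly filled and must not be used. */
static int read_full(read_fn rd, void *ctx, unsigned char *buf, size_t len) {
    for (size_t nread = 0; nread < len; ) {
        int ret = rd(ctx, buf + nread, (int)(len - nread));
        if (ret <= 0)
            return -1;
        nread += (size_t)ret;
    }
    return 0;
}

/* Parse fixed-width ASCII digits (no NUL needed); -1 on non-digit or > max. */
static long parse_len(const unsigned char *f, size_t width, long max) {
    long v = 0;
    for (size_t i = 0; i < width; i++) {
        if (f[i] < '0' || f[i] > '9')
            return -1;
        v = v * 10 + (f[i] - '0');
        if (v > max)   /* checked per digit, so v stays small for small max */
            return -1;
    }
    return v;
}

/* Read the header, then exactly the advertised body; body length or -1. */
static long read_pdu(read_fn rd, void *ctx, unsigned char *body, size_t cap) {
    unsigned char hdr[HDR_LEN];
    if (read_full(rd, ctx, hdr, sizeof hdr) != 0)
        return -1;
    long len = parse_len(hdr + LEN_OFF, LEN_WIDTH, (long)cap);
    if (len < 0 || read_full(rd, ctx, body, (size_t)len) != 0)
        return -1;
    return len;
}

/* Constructed stand-in for the TLS stream: one byte per call, 0 at the end. */
static int byte_read(void *ctx, void *buf, int num) {
    const char **p = ctx;
    if (num <= 0 || **p == '\0')
        return 0;
    *(char *)buf = *(*p)++;
    return 1;
}
unsigned char demo_body[16];
long demo(const char *wire) {   /* wire: constructed header + body bytes */
    return read_pdu(byte_read, &wire, demo_body, sizeof demo_body);
}
```

With a real connection, `rd` would be a thin wrapper that casts `ctx` to `SSL *` and calls `SSL_read`.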