Er, but what if you get a SSL_ERROR_WANT_READ while trying to SSL_write? Surely, this likely happens because the network/SSL BIO pair hasn't handled the peer to peer SSL session negation yet, and one would have to read or write from the network side of the BIO pair.
This is what's confusing to many, I think: the operation on one of the four ports of the SSL engine can't progress unless there is an appropriate operation on ANOTHER (related) port. And yet, you say don't make a different SSL call. Or, did you mean on the same SSL session? I wrap the SSL engine with SSL BIOs on the decrypted side and a BIO pair on the encrypted side (so all my interactions with the SSL state machine are via BIOs) and I very much need to do a BIO_read on one side of BIO_write on the other side fails, with SSL_ERROR_WANT_WRITE. -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Kyle Hamilton Sent: Friday, May 29, 2009 11:23 AM To: openssl-users@openssl.org Subject: Re: Non_Blocking Socket 'SSL_write' returns with SSL_ERROR_WANT_READ. Wait in 'select' for data. But Other end too wait for read ! i.e. Both ends waiting for data. -> DEAD LOCKED If you get an SSL_ERROR_WANT_*, you should call *exactly* the same function that you just called -- do NOT call SSL_read if you were just performing an SSL_write. Perform the select() for reading on that file descriptor (to see when it's able to be read from), and then do the SSL_write again with exactly the same parameters (including the full arguments, i.e. the entire buffer that you sent to SSL_write before -- no matter its return value for how many bytes were successfully written). -Kyle H On Fri, May 29, 2009 at 3:40 AM, Asanka Kumara <asan...@millenniumit.com> wrote: > > Hi, > > Non-Blocking Server Side socket on solaris. > > > a). Attempt to write data on with SSL_write. This returned with > SSL_ERROR_WANT_READ. > > (So as I assume what should be done is, > 1. wait for data from the other end on this socket in a select call, > 2. when select detects data is available call 'SSL_read' with this socket > 3. only if SSL_read returns SSL_ERROR_NONE then call 'SSL_write' again with > above (step a) data (re-insert) > ) > > > But what happens is > 1. wait for data from the other end on this socket in a select call, > 2. when select detects data is available call 'SSL_read' with this socket > BUT THIS returns with SSL_ERROR_WANT_READ > (I assume this means SSL want more data form the other end) so I wait for > data form other end in 'select' again BUT DATA IS NOT Received from the > other end > and > Furthermore Other end (Client Side Socket - which is a blocking socket) is > also waiting (i.e. blocked) for data. > > So both ends waiting for data and no one receives !!!!!!! > > > Could any one help please !!!! > > > ******************************************************************************************************************************************************************* > > "The information contained in this email including in any attachment is > confidential and is meant to be read only by the person to whom it is > addressed. If you are not the intended recipient(s), you are prohibited from > printing, forwarding, saving or copying this email. If you have received > this e-mail in error, please immediately notify the sender and delete this > e-mail and its attachments from your computer." > > ******************************************************************************************************************************************************************* > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
