On Sat February 13 2010, John L Veazey wrote: > On Sat, Feb 13, 2010 at 1:04 AM, Patrick M. Rutkowski > <rutsk...@gmail.com> wrote: > > From the SSL_get_error() man page: > > > > ======================================================== > > The current thread's error queue must be empty before the TLS/SSL I/O > > operation is attempted, or SSL_get_error() will not work reliably. > > ======================================================== > > > > And don't I have to use the ERR_* functions to clear the error stack, > > as mandated? > > I was just reading that. I believe my original answer was quite > wrong. Let me step out of the way and let someone else answer this > question. >
The "will not work reliably" is ambiguous in the context quoted. "reliable" in what sense? It may mean that without clearing the thread's error queue before the TLS/SSL I/O operation; SSL_get_error will (or might) return errors still on the error queue from __prior__ to the start of that operation. I.E: Just as John described - You can not reliably associate the error returned with only the most recent TLS/SSL I/O operation - The error read may be from any operation since the last time the error queue was called. If the above is the case, then that sentence just needs to be rephrased. As is, it is right up there with the M-L topics that say: "My application is broke..." ?? broke how ?? Mike > Sorry. > For what? Top posting? > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-us...@openssl.org > > Automated List Manager majord...@openssl.org > > > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
