On Tue, Apr 27, 2010, piper.guy1 wrote: > Hi again, > > I'm trying to follow the instructions in the OpenSSL reference book, > and their example code from their site for setting a socket to > 'non-blocking'. > > Before I made any changes, I was working with good code that was > making secure connections with no problems. > > Essentially: > bio = BIO_new_connect(connect_str); > BIO_do_connect(bio); > ssl = SSL_new(ctx); > SSL_set_bio(ssl, bio, bio); > SSL_connect(ssl); > > >From the example code, it seemed easy enough to call 'SSL_get_rfd() > using the SSL object to get the file descriptor in order to use > fcntl() to change the socket to non-blocking. However when I did > this, calls to SSL_get_rfd() always return -1. Reading the function > description docs, SSL_get_rfd() will return -1 if the BIO is not > "suitable for file descriptors". The example code doesn't show how > their BIO & SSL objects were created, and there's no other reference > or information on what they mean on how to make them 'suitable'. > > So, I tried another approach. I created a socket the convention way > and did a connect, followed by: > bio = BIO_new_socket(sd, BIO_CLOSE); > ssl = SSL_new(ctx) ; > SSL_set_bio(ssl, bio, bio); > SSL_connect(ssl); > which also worked....until I called SSL_get_rfd() after I created the > SSL object, which again returned -1. > > What am I doing wrong? How do you make a BIO object for file > descriptors suitable? >
Well I didn't write that "suitable" phrase. I'm not sure why you're getting the -1 return does ERR_print_errors_fp(stderr) give anything useful? In the second example you can use the pass descriptor "sd" for the purpose: all the following calls do is associate it with the SSL structure. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
