Hi all,
Is SSL_peek() safe to use? I don't see it "advertised" as such, via
man-pages, but I do see the following in the 1.0.1c changelog:
Fix SSL_peek:
Both ssl2_peek and ssl3_peek, which were totally broken in earlier
releases, have been re-implemented by renaming the previous
implementations of ssl2_read and ssl3_read to ssl2_read_internal
and ssl3_read_internal, respectively, and adding 'peek' parameters
to them. The new ssl[23]_{read,peek} functions are calls to
ssl[23]_read_internal with the 'peek' flag set appropriately.
A 'peek' parameter has also been added to ssl3_read_bytes, which
does the actual work for ssl3_read_internal.
The reason I'd rather use SSL_peek() than SSL_read() is that I am reading
off bytes from an SSL socket and then handing it off to another socket --
and if this latter socket operation fails, I don't want to be stuck with
orphan bytes (read off the first SSL socket) that I'd then need to track
myself.
Thanks
--
-Vivek
