Hi, my program is an SSL client which is reading large amounts of data without sending data itself (after the initial handshake). My machine's connection does drop regularly, and I want to make sure that my program detects the dropped connection instead of hanging in read()/recv() forever.
My question is: what is the *right* way to use SSL_read() so that a dropped connection will be detected reliably? I'm using a blocking socket that is passed to OpenSSL using the SSL_set_fd() function (ie the BIO will be created automatically). My first attempt was using setsockopt() to set a read timeout (SO_RCVTIMEO). This does *not* help, because BIO_sock_non_fatal_error() considers EAGAIN/EWOULDBLOCK non-fatal even for blocking fds and just keeps going on. Another attempt was to use select() to check if the socket is readable just before calling SSL_read(), like so: error = SSL_ERROR_NONE; do { if (error == SSL_ERROR_WANT_READ && !select (...)) { /* timeout, bail */ exit() } nread = SSL_read (...); error = SSL_get_error (ssl, nread); } while (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE); Without the SO_RCVTIMEO, this doesn't work either, probably because I'm only using select() if SSL_read() failed with SSL_ERROR_WANT_READ before. Am I supposed to unconditionally select() for readability before calling SSL_read()? I think this might cause trouble if there is still application data available to be read... Am I supposed to use SSL_pending() to try to figure out if we need to be able to read from the socket? In combination with the socket timeout (SO_RCVTIMEO), the code above does work, but it doesn't feel right. I'm also wondering if BIO_sock_non_fatal_error() needs to be fixed to treat EAGAIN and EWOULDBLOCK as fatal _iff_ the socket is blocking -- since that means that we hit a timeout. I know I can work around this issue by manually checking errno for EAGAIN/EWOULDBLOCK in case SSL_get_error() returns SSL_ERROR_WANT_READ, but that seems the least solid solution. Can anyone shed some light on this issue? What am I missing? Please CC me in your replies; I'm not subscribed to the list. Thanks, Tilman -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org