We are using OpenSSL 1.1.0h on Linux to send operations to LDAP servers. We use SSL_read() to receive the replies on a non-blocking socket. The vast majority of times SSL_read() returns >0, SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE as per the spec. However we are very occasionally seeing SSL_ERROR_SYSCALL with errno 11 (EAGAIN) which would seem to be the result of a platform socket read(() or write() when blocking would occur. Is this expected behaviour? We have changed our code to treat this as SSL_ERROR_WANT_READ or SSL_WANT_WRITE depending on the result of SSL_want_write(). Are we correct?
Regards, John.
