RE: timeout vs. SSL_ERROR_WANT_XXXX

2005-06-05 Thread David Schwartz

 I want to use timeout with select and I wonder how to cancel operation
 (SSL_read or SSL_write non-blocking) that caused SSL_ERROR_WANT_READ (or
 *_WRITE). I've got messages queue to send (and one for received too). If
 I cannot send whole particular msg within some time (5 sec) I want to
 discard this message and start sending another one.

That is just not possible. Byte streams don't work that way.

 The problem is, when
 not fully transmitted (received) msg locks in state where I receive
 SSL_ERROR_WANT_XXX. From docs etc. I know, that when I've got
 SSL_ERROR_WANT_* I have to retry operation which caused this error but
 it requires more time, which I haven't got because I want to send another
 message! I can always close connection and open it again, but it is
 ugly solution. Is there any way, to do it in more polite way?

No. Rethink whatever it is about your design that imposed this bizarre
requirement. Byte streams do not support all or nothing operations.

DS

__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]
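
Added example, not part of the original thread and not OpenSSL code: a small C model of the point made in the reply above, that a message cannot be taken back once some of its bytes are on the stream. The `wire` struct (a stand-in for a non-blocking TLS connection that stops accepting bytes, as with WANT_WRITE), the 1-byte length framing, and all names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a non-blocking TLS stream (not OpenSSL code): it
 * takes at most `room` more bytes, then "would block" as with WANT_WRITE. */
struct wire { unsigned char buf[128]; size_t len, room; };
/* Queued message framed as [1-byte length][payload]; off = bytes already sent. */
struct msg { unsigned char frame[64]; size_t len, off; int deadline; };
enum send_result { SENT, PENDING, DROPPED, MUST_CLOSE };

static void msg_init(struct msg *m, const char *text, int deadline) {
    m->frame[0] = (unsigned char)strlen(text);       /* text must be < 64 bytes */
    memcpy(m->frame + 1, text, m->frame[0]);
    m->len = (size_t)m->frame[0] + 1;
    m->off = 0; m->deadline = deadline;
}

/* Deadline policy that keeps the stream parseable: an expired message is
 * dropped only if none of its bytes were written; otherwise close. */
static enum send_result send_msg(struct wire *w, struct msg *m, int now) {
    if (now > m->deadline)
        return m->off == 0 ? DROPPED : MUST_CLOSE;
    size_t k = m->len - m->off < w->room ? m->len - m->off : w->room;
    memcpy(w->buf + w->len, m->frame + m->off, k);
    w->len += k; w->room -= k; m->off += k;
    return m->off == m->len ? SENT : PENDING;
}

/* Receiver: first complete frame's payload into out; -1 if still incomplete. */
static int first_frame(const struct wire *w, char *out, size_t cap) {
    if (w->len == 0 || (size_t)w->buf[0] + 1 > w->len || (size_t)w->buf[0] >= cap)
        return -1;
    memcpy(out, w->buf + 1, w->buf[0]);
    out[w->buf[0]] = '\0';
    return w->buf[0];
}

int main(void) {
    struct wire w = { .room = 5 };
    struct msg a, b;
    char got[64];
    msg_init(&a, "TRANSFER 100", 5);
    msg_init(&b, "PING 42", 9);
    send_msg(&w, &a, 0);                               /* PENDING: 5 of 13 bytes */
    printf("policy: %d\n", (int)send_msg(&w, &a, 6));  /* 3 = MUST_CLOSE */
    w.room = 64;
    send_msg(&w, &b, 6);                     /* naive: abandon a, send b anyway */
    printf("decoded: %d\n", first_frame(&w, got, sizeof got)); /* 12, a/b mixed */
    return 0;
}
```

The last two calls in `main` ignore the policy's answer on purpose: the receiver then accepts a 12-byte "message" made of the start of the first payload followed by the whole second frame.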


RE: timeout vs. SSL_ERROR_WANT_XXXX

2005-06-03 Thread David Schwartz

 What I think is as it's the application's responsibility to retry
 the same openssl operation whenever it receives a WANT_READ or
 WANT_WRITE, why can't we simply overwrite the buffer that is passed
 to say SSL_write with the next payload that needs to be sent when we hit
 that error code, in this way we can automatically drop the earlier
 payload that was attempted.
 Hope this is correct.

 Thanks
 --Gayathri

As long as the other side knows how to deal with it. For example, if your
protocol is ASCII based, you could reserve an embedded nul to indicate a
break and that previous partial requests should be ignored. Otherwise, in
practice, you will be able to rely on being able to do this.

The SSL protocol has no way to 'glue' application bytes together into a
record. It's a byte stream protocol. What will happen is you'll call
SSL_write and some fraction of what you think of as a record will be
accepted. But then a renegotiation will occur. So now what?

DS




Re: timeout vs. SSL_ERROR_WANT_XXXX

2005-06-03 Thread Lokesh Kumar
Exactly what David says...

Why would you want to risk data loss?

Lokesh.

On 6/2/05, Gayathri Sundar [EMAIL PROTECTED] wrote:
 Hi,
 
 What I think is as it's the application's responsibility to retry
 the same openssl operation whenever it receives a WANT_READ or
 WANT_WRITE, why can't we simply overwrite the buffer that is passed
 to say SSL_write with the next payload that needs to be sent when we hit
 that error code, in this way we can automatically drop the earlier
 payload that was attempted.
 Hope this is correct.
 
 Thanks
 --Gayathri
 
 ===
 Hi,
 
 You may want to consider using SSL_CTX_set_mode(...)
 with SSL_MODE_AUTO_RETRY flag such that you wouldn't receive
 SSL_ERROR_WANT_XXX messages.
 
 Normally those messages come when the other side requests re-negotiation.
 
 -Lokesh.
 
 
 On 5/31/05, opt [EMAIL PROTECTED] wrote:
  Hi everyone
 
  I want to use timeout with select and I wonder how to cancel operation
  (SSL_read or SSL_write non-blocking) that caused SSL_ERROR_WANT_READ (or
  *_WRITE). I've got messages queue to send (and one for received too). If
  I cannot send whole particular msg within some time (5 sec) I want to
  discard this message and start sending another one. The problem is, when
  not fully transmitted (received) msg locks in state where I receive
  SSL_ERROR_WANT_XXX. From docs etc. I know, that when I've got
  SSL_ERROR_WANT_* I have to retry operation which caused this error but
  it requires more time, which I haven't got because I want to send another
  message! I can always close connection and open it again, but it is
  ugly solution. Is there any way, to do it in more polite way?
 
  --
  Mariusz Kedzierawski


Re: timeout vs. SSL_ERROR_WANT_XXXX

2005-06-02 Thread Lokesh Kumar
Hi,

You may want to consider using SSL_CTX_set_mode(...)
with SSL_MODE_AUTO_RETRY flag such that you wouldn't receive
SSL_ERROR_WANT_XXX messages.

Normally those messages come when the other side requests re-negotiation.

-Lokesh.


On 5/31/05, opt [EMAIL PROTECTED] wrote:
 Hi everyone
 
 I want to use timeout with select and I wonder how to cancel operation
 (SSL_read or SSL_write non-blocking) that caused SSL_ERROR_WANT_READ (or
 *_WRITE). I've got messages queue to send (and one for received too). If
 I cannot send whole particular msg within some time (5 sec) I want to
 discard this message and start sending another one. The problem is, when
 not fully transmitted (received) msg locks in state where I receive
 SSL_ERROR_WANT_XXX. From docs etc. I know, that when I've got
 SSL_ERROR_WANT_* I have to retry operation which caused this error but
 it requires more time, which I haven't got because I want to send another
 message! I can always close connection and open it again, but it is
 ugly solution. Is there any way, to do it in more polite way?
 
 --
 Mariusz Kedzierawski


Re: timeout vs. SSL_ERROR_WANT_XXXX

2005-06-02 Thread Gayathri Sundar
Hi,

What I think is as it's the application's responsibility to retry
the same openssl operation whenever it receives a WANT_READ or
WANT_WRITE, why can't we simply overwrite the buffer that is passed
to say SSL_write with the next payload that needs to be sent when we hit
that error code, in this way we can automatically drop the earlier
payload that was attempted.
Hope this is correct.

Thanks
--Gayathri

===
Hi,

You may want to consider using SSL_CTX_set_mode(...)
with SSL_MODE_AUTO_RETRY flag such that you wouldn't receive
SSL_ERROR_WANT_XXX messages.

Normally those messages come when the other side requests re-negotiation.

-Lokesh.


On 5/31/05, opt [EMAIL PROTECTED] wrote:
 Hi everyone

 I want to use timeout with select and I wonder how to cancel operation
 (SSL_read or SSL_write non-blocking) that caused SSL_ERROR_WANT_READ (or
 *_WRITE). I've got messages queue to send (and one for received too). If
 I cannot send whole particular msg within some time (5 sec) I want to
 discard this message and start sending another one. The problem is, when
 not fully transmitted (received) msg locks in state where I receive
 SSL_ERROR_WANT_XXX. From docs etc. I know, that when I've got
 SSL_ERROR_WANT_* I have to retry operation which caused this error but
 it requires more time, which I haven't got because I want to send another
 message! I can always close connection and open it again, but it is
 ugly solution. Is there any way, to do it in more polite way?

 --
 Mariusz Kedzierawski