Hi,

Is management material (re-keying data etc.) sent before or after user data?

Let me try to explain the scenario: There is a Server "S" and a Client "C" and an SSL connection established between them. S always sends 16-byte packets of data. C has to listen on the SSL connection and for user input on another socket (0 = stdin, just an example here :>). C waits in a select() for activity on the SSL-fd _or_ the stdin-fd.

OpenSSL sends re-keying material only if SSL_write(<16 bytes data, see above>) is called on the Server side "S".

IF OpenSSL sends the re-keying or any other management data before the 16-bytes-data then the select() solution would work on a (blocked) SSL-fd socket. (Assuming that it's ok to get stuck in read() once the SSL-fd socket indicates data on the fd. [It could only get stuck if the network link is interrupted, in which case I don't care].)

    [ re-keying data ] [ 16 bytes user data ]

On the client side C: select() would return with the SSL-fd set. SSL_read() would first read the re-keying data and then the 16 bytes of data from S. C processes the 16 bytes and calls select() again.

On the other hand, if SSL sends the re-keying material AFTER the 16 bytes of data then the client might get stuck in SSL_read():

    [ 16 bytes user data ] [ re-keying data ]

select() returns with SSL-fd set. SSL_read() is invoked and SSL_read() returns after reading the 16 bytes of data. select() is called and returns immediately because the re-keying data has not yet been read. SSL_read() is invoked again, reads the re-keying data and gets stuck while waiting for another 16 bytes of data from S.

Or is OpenSSL that intelligent and uses a block-oriented approach and sets a flag that re-keying material is following the 16 bytes of user data, so SSL_read() does not return until the re-keying data is also read in the second example (16 bytes sent before re-keying data)?

Or, to simplify the question: Can I use the above scenario without risking that C gets stuck in SSL_read()?

skyper
--
PGP: dig @segfault.net skyper axfr|grep TX|cut -f2 -d\"|sort|cut -f2 -d\;
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
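
An added example, not part of the original post and not OpenSSL code: a small model of the two record orderings in the question, showing a reader that never waits on the socket and instead reports "want read" so the caller returns to select() in either ordering. The 5-byte record header and content types 22 (handshake) and 23 (application data) are TLS's; the struct, function names, and sample streams are hypothetical and constructed. With the real library the same role is played by a non-blocking socket and SSL_get_error() returning SSL_ERROR_WANT_READ.

```c
#include <stddef.h>
#include <string.h>

#define REC_HANDSHAKE 22   /* TLS ContentType: handshake (re-keying traffic) */
#define REC_APPDATA   23   /* TLS ContentType: application_data */
#define WANT_READ     (-1) /* model of SSL_ERROR_WANT_READ: go back to select() */

/* Hypothetical model of the bytes already received on the SSL fd. */
struct rx { const unsigned char *buf; size_t len, pos; };

/* Non-blocking read: swallow handshake records, return one app-data payload,
 * or WANT_READ when no complete record is buffered. It never waits. */
int model_read(struct rx *c, unsigned char *out, size_t cap)
{
    for (;;) {
        size_t left = c->len - c->pos;
        if (left < 5) return WANT_READ;               /* header incomplete */
        const unsigned char *h = c->buf + c->pos;
        size_t n = ((size_t)h[3] << 8) | h[4];        /* record body length */
        if (left < 5 + n) return WANT_READ;           /* body incomplete */
        c->pos += 5 + n;
        if (h[0] != REC_APPDATA || n == 0) continue;  /* management data: consumed */
        if (n > cap) n = cap;
        memcpy(out, h + 5, n);
        return (int)n;
    }
}

/* Caller side: once select() reports the fd readable, read until WANT_READ.
 * Returns the total number of application bytes delivered. */
size_t drain(struct rx *c)
{
    unsigned char msg[16];
    size_t total = 0;
    int n;
    while ((n = model_read(c, msg, sizeof msg)) > 0)
        total += (size_t)n;     /* process the 16-byte message here */
    return total;               /* n == WANT_READ: return to select() */
}

/* Constructed sample streams: a 16-byte app record and a 4-byte handshake record. */
#define APP 23,3,3,0,16, 'A','A','A','A','A','A','A','A','A','A','A','A','A','A','A','A'
#define HS  22,3,3,0,4, 0,0,0,0
const unsigned char data_then_rekey[] = { APP, HS };
const unsigned char rekey_then_data[] = { HS, APP };

size_t run(const unsigned char *s, size_t len)
{
    struct rx c = { s, len, 0 };
    return drain(&c);
}
```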