If I understand correctly, when SSL_MODE_PARTIAL_WRITE is set and SSL_write is used (with a non-blocking underlying file descriptor) the effect is as follows:
In the event of SOME (not all) of the application data being written, SSL_write will return this number (rather than -1 with an error of SSL_ERROR_WANT_WRITE). Without SSL_MODE_PARTIAL_WRITE, when an application receives -1 and SSL_ERROR_WANT_WRITE it is obliged to re-call SSL_write with the exact same buffer.

Am I correct in assuming that with SSL_MODE_PARTIAL_WRITE set the application's next call to SSL_write would only have to pass the portion of data not written previously? I.e. if the original call attempted to write N but only wrote W, the subsequent call should try to write the remaining N-W bytes.

Further questions (assuming the above is correct):

1. Are there restrictions on the address of the N-W bytes passed to the second call? (i.e. similar to the WANT_WRITE restriction whereby the same buffer must be passed when retrying)
2. If the application has more data to write by the time it makes the second call, i.e. ((N-W) + (new data)), is it OK to pass it all to the second write?
3. Presumably even with SSL_MODE_PARTIAL_WRITE set it is still possible to receive -1 and WANT_WRITE under certain circumstances?
4. Are my assumptions missing anything important related to packing/encrypting of app. data into SSL records before actually writing to the network buffer?

Finally, if my assumptions are correct, under what circumstances would an application not want to use SSL_MODE_PARTIAL_WRITE?

Any advice on these questions will be much appreciated.

Best Regards,
Niall.
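The send-queue bookkeeping the post describes, as an added example that is not part of the original message and is not OpenSSL code: the queue advances by W after a partial write, repeats the identical pointer and length after a WANT_WRITE, and only appends new data behind pending bytes, so it does not depend on how the questions above are answered. All names are hypothetical; `write_fn` stands in for SSL_write() and `fake_write` is a constructed test transport.

```c
/* Added example; all names are hypothetical. write_fn stands in for SSL_write()
 * and WQ_WANT_WRITE for its -1 / SSL_ERROR_WANT_WRITE result. */
#include <stddef.h>
#include <string.h>

#define WQ_CAP 4096
#define WQ_WANT_WRITE (-1)
typedef int (*write_fn)(void *ctx, const void *buf, int len);

struct wqueue {
    unsigned char data[WQ_CAP]; /* fixed storage: pending bytes never move */
    size_t head, tail;          /* unsent data is data[head..tail) */
    size_t retry_len;           /* nonzero: length frozen by a WANT_WRITE */
};

/* Append new application data behind whatever is still pending. */
int wq_append(struct wqueue *q, const void *p, size_t n) {
    if (n > WQ_CAP - q->tail) return -1; /* full: flush first */
    memcpy(q->data + q->tail, p, n);
    q->tail += n;
    return 0;
}

/* Returns 0 when drained, 1 to wait for writability, -1 on a fatal error. */
int wq_flush(struct wqueue *q, write_fn w, void *ctx) {
    while (q->head < q->tail) {
        /* A retry after WANT_WRITE repeats the same pointer and length. */
        size_t len = q->retry_len ? q->retry_len : q->tail - q->head;
        int r = w(ctx, q->data + q->head, (int)len);
        if (r == WQ_WANT_WRITE) { q->retry_len = len; return 1; }
        if (r <= 0 || (size_t)r > len) return -1;
        q->head += (size_t)r;  /* partial write: W bytes accepted, N-W remain */
        q->retry_len = 0;
    }
    q->head = q->tail = 0;     /* nothing pending: storage can be reused */
    return 0;
}

/* Constructed stand-in transport: accepts at most `limit` bytes per call. */
struct fake { int limit, blocked; const void *last_buf; int last_len; size_t total; };

int fake_write(void *ctx, const void *buf, int len) {
    struct fake *f = ctx;
    f->last_buf = buf; f->last_len = len;
    if (f->blocked) return WQ_WANT_WRITE;
    int n = len < f->limit ? len : f->limit;
    f->total += (size_t)n;
    return n;
}
```

In a real program the callback would wrap SSL_write() and map SSL_get_error() results onto these return values.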