Hi there,
I've been trying to figure out the correct way to use SSL_read and SSL_write with retry and auto retry mode, etc. I'm a little confused. I've got a program that uses blocking sockets, and select (I only use select to check for readability of sockets). When select wakes up indicating there is data to be read, I pull a thread from a thread pool and call SSL_read.
Am I correct in assuming that each time SSL_read succeeds (return value > 0), then the data read is application data?
And if SSL_read returns 0, it is an error? And if < 0, check if SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE is the error, in which case I need to retry the read? And if I do get one of these errors, should I immediately reissue the SSL_read, or should I do a select again and wait until there is actual data to be read? I'm guessing the latter since the former may result in the call blocking, and the thread would be tied up which could eventually lead to all my threads in the pool being blocked. Does this sound right?
If I get SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE after a call to SSL_write(), can I simply reissue the SSL_write() immediately? Is there any harm in this? It wouldn't block like SSL_read() might, would it?
Also, I've set the SSL_MODE_AUTO_RETRY flag on the SSL_CTX, but when I call SSL_write(), I still seem to get the SSL_ERROR_WANT_WRITE error. I thought that if I used this flag, that I wouldn't have to worry about retrying?
And if I use this flag, I would still be susceptible to blocking indefinitely in SSL_read() wouldn't I?
Sorry for all the questions. I hope I was clear in explaining what I'm unclear of. Thanks for any info or help you can provide me.
Regards,
Ed