Mikhail Kruk wrote:
I'm probably missing something, but what's wrong with select()'ing for read when your SSL_write returns WANT_READ? See relatively elegant read_write() implementation from http://www.rtfm.com/openssl-examples/
Nothing, but how do I know when I can start my SSL_write() again, because the WANT_READ condition that is stopping SSL_write() from taking any more data has cleared ?
After every SSL_peek()/SSL_read() do I try to issue a new SSL_write() and if there is movement I consider it cleared ?
The problem here is how to detect when I can drive my SSL_write() by the writable event select() indicator and when I have to disregard it (even though my application has Mb's of data still to send) until I know the WANT_READ for SSL_write() condition has cleared itself. Then I can go back to select() driven SSL_write()'s. The start disregard part I understand. The switch back part I do not.
Ideally I don't want to use SSL_read() to take application data from OpenSSL at that moment (because the application doesn't want it at that time), I ideally want to be using SSL_peek() to give OpenSSL program control to service read() and clear condition.
But having thought about that situation some more what if I have too much data in my inbound buffer waiting for the application then OpenSSL may not call read() because its buffers are full enough already to service my SSL_peek(). But I dont know exactly how its internal buffering works to be sure, maybe it will just eat more memory ?
So I guess I must service it with SSL_read() enough to allow the other end and the respective flow controls to pull enough data through to get to the packet thats currently holding up my SSL_write() ?
What if I am not reading any data at all ? i.e. I am not even looking at the readable select() event and never calling SSL_read() during the time I am using SSL_write() to send a lot of data. Would it be fair to say that I will never get a WANT_READ back from SSL_write(), because unless my application calls SSL_renegotiate() itself or receives an inbound alert/re-negotiate request then could I say there will be no situation that can stall my SSL_write() with WANT_READ ?
Is it possible to stop this situation from occuring altogether. If RENEGOTIATION is the only situation it can occur in. I just read somewhere that gave me the impression there is TLS protocol packet to indicate one party is not capable/willing to RENEGOTIATION. Can this be done at session setup, so the other end knows not to even ask? I can't see anything from a grep of OpenSSL source to confirm that is true.
I'm just trying to work through all the eventualities with my application and OpenSSL and get a better understanding of whats going on under the bonnet.
Darryl ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
