> Thanks David.. let me add more clarity to my requirement...

> Is there some way for the application to know before calling ssl_read,
> that some app data buffer can be got for sure?

        Only by putting that data in a buffer, which seems to be what you
don't want.

> Or can SSL_peek prevent me
> from hitting the case you have mentioned?

        SSL_peek does precisely what you claim you don't want, which is to
put the data in a cache.

> The reason is we are in a scenario wherein all ssl control pkts are gonna
> be processed from userspace using openssl and all app data pkts are gonna
> be processed from kernel using our own ssl implementation. So when
> userspace openssl does manage to read app data, I need to ensure that
> whatever it has cached (add data bytes), has to be cleared and copied into
> our ssl library in kernel, so that it can wait for the remaining bytes and
> do the decryption.

> So in a crux, what can I do to ensure that openssl does not read app data
> pkts at all..

        You have to separate the data in the kernel. I would not recommend
trying to hack OpenSSL's high-level functions for this purpose but use the
low-level ones instead. Ignore SSL_read/SSL_peek/SSL_write and the like.

        DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
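
Separating the data before it reaches userspace, as the reply above recommends, can be done on the cleartext 5-byte record header alone. The following is an added example, not code from this thread or from OpenSSL: `tls_demux`, `demux_stats` and the sample bytes are hypothetical names and constructed data, and the counters stand in for the real kernel and userspace queues.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS record content types (RFC 5246, section 6.2.1). */
enum { TLS_CCS = 20, TLS_ALERT = 21, TLS_HANDSHAKE = 22, TLS_APPDATA = 23 };
#define TLS_HDR_LEN 5                    /* type(1) version(2) length(2) */
#define TLS_MAX_FRAGMENT (16384 + 2048)  /* TLSCiphertext length limit */

/* Hypothetical counters standing in for the two delivery queues. */
struct demux_stats { size_t control, appdata; };

/* Classify every complete record in buf[0..len). Returns the number of bytes
 * consumed (whole records only; a trailing partial record is left for the
 * next call), or -1 if a header is not a valid SSLv3/TLS record header. */
long tls_demux(const uint8_t *buf, size_t len, struct demux_stats *st)
{
    size_t off = 0;
    while (len - off >= TLS_HDR_LEN) {
        uint8_t type = buf[off];
        size_t rec_len = ((size_t)buf[off + 3] << 8) | buf[off + 4];
        if (type < TLS_CCS || type > TLS_APPDATA || buf[off + 1] != 3 ||
            rec_len > TLS_MAX_FRAGMENT)
            return -1;
        if (len - off - TLS_HDR_LEN < rec_len)
            break;                /* partial record: need more bytes */
        if (type == TLS_APPDATA)
            st->appdata++;        /* stays with the in-kernel data path */
        else
            st->control++;        /* handshake, alert, CCS: to userspace */
        off += TLS_HDR_LEN + rec_len;
    }
    return (long)off;
}

/* Constructed sample: a handshake record, a complete application-data
 * record, then an application-data record cut off after 2 of 8 bytes. */
static const uint8_t sample[] = {
    22, 3, 3, 0, 4,  1, 0, 0, 0,
    23, 3, 3, 0, 3,  0xaa, 0xbb, 0xcc,
    23, 3, 3, 0, 8,  0x01, 0x02,
};

int main(void)
{
    struct demux_stats st = {0, 0};
    long used = tls_demux(sample, sizeof sample, &st);
    printf("consumed=%ld control=%zu appdata=%zu\n", used, st.control, st.appdata);
    return 0;
}
```

In TLS 1.3 every encrypted record carries outer type 23, so the header alone no longer separates post-handshake control messages from application data.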
