Hello,
> On Sun, Aug 20, 2006 at 07:46:26PM +0200, Marek Marcola wrote:
> > I've forget to pay your attention on other problem that may appear
> > with code like:
> >
> > do {
> > ret = SSL_read(sslobject, buf, bufsz);
> > err = SSL_get_error(sslobject, ret);
> > } while (ret <= 0 && (err == SSL_ERROR_WANT_READ));
> >
> > (of course I assume that WANT* works ok now).
> >
> > The problem is that depending on variable bufsz this loop
> > may iterate some times getting application data from SSL layer
> > and putting this data in the same place (overwriting existing).
> > For example assume that in SSL layer we have 400 bytes ready to
> > read and that bufsz is 100 bytes. This loop will iterate 4 times
> > (and after this you will get WANT* error) placing every
> > 100 bytes in the same place.
> > At the end you will get only 100 last bytes from 400 ready to read.
>
> So what you are saying is that even though ret <= 0 and err ==
> SSL_ERROR_WANT_READ, it is still possible that data has been placed
> in buf?
No. I placed this code assuming that condition was changed and works.
Maybe this was not very precise.
Encapsulated SSL data comes in records/packets. When you select()
some descriptor for read, and select() gives you such hit you start
reading data from SSL buffers. And now we may have some problems.
If you will retry SSL_read() until you will get WANT_READ then
you will get all data from SSL layer to your application buffers
and now you may select() again.
But if you will read once (or not until WANT_READ), there may be
data left in SSL layer and now you can not select() (or you should
not select() - this depends on upper layer protocol).
For example if we have 400 bytes in SSL layer and you will read only
100, then we have 300 bytes in SSL layer and now waiting in select()
may give you hang. For such purpose SSL_pending() function exists
which can tell you is SSL buffers has some data or not. If has, you
simply call SSL_read(), if not - you select().
Of course if you will perform "incremental" SSL_read() until
WANT_READ then you will have all data from SSL and you may select()
without calling SSL_pending().
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
