Hi! I have done more tests of this strange data blocks: I send 2 kinds of blocks one of 1500 bytes (block A) and another of 48bytes (block B). A blocks have an identifier.
The normal way is receive first 1500bytes of A and then 48 of B: 1: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (id 515) 2: B But this is what happened when the error occurs: 1: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (id 516) 2: B 3: A (id 516, 48bytes) 4: SSL_ERROR_WANT_READ 5: AA (id 516, 80bytes) 6: ???????????????????????????????? (1500 bytes, unknown) 7: A (id 516, 48bytes) 8: ???????????????????????????????? (1500 bytes, same as 6 but not sure) All packets have the same identifier, yes, this is what I can't believe. And also I don't know from where the 80 bytes block size came from!? I hope that with this example, i could make more clear the problem. Thanks, for the reply. Pau On Sat, Aug 30, 2008 at 4:40 AM, Pau Rodriguez Estivill <[EMAIL PROTECTED]> wrote: > I always try to do an SSL_read every time I give a new packet to > OpenSSL library, > It's true that I only try it once per packet I give. > > Maybe I should try SSL_pending after this read, to ensure that aren't more > data. > Normally SSL_pending return 0, even before trying to read. > > When I call to SSL_read and it give me an error, as I said, the next > time I call SSL_read it give me a wrong buffer but it's size is > correct according last SSL_write from the other computer. But at least > the first bytes of the block are not correct, because it doesn't > appear as a IPv4 valid packet (I mean an internal packet from the > inside of the VPN). And also any of the next SSL_reads return a valid > decoded block or at least not starting from the first byte. And none > of them return any SSL_* error. > I really think it could be a problem of buffers management. I also > don't trust the DTLS implementation just because I know any > application how make an extensive usage of this > implementation/protocol. > > Maybe anybody can propose a test to get more information about this problem. > > Thanks, for the reply. > > Pau > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
