Specifically which version of the openssl library are you using? I'm going to try to dig into this.
-Kyle H On Sat, Aug 30, 2008 at 9:45 AM, Pau Rodriguez-Estivill <[EMAIL PROTECTED]> wrote: > Hi! > I have done more tests of this strange data blocks: > I send 2 kinds of blocks one of 1500 bytes (block A) and another of > 48bytes (block B). > A blocks have an identifier. > > The normal way is receive first 1500bytes of A and then 48 of B: > 1: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (id 515) > 2: B > > But this is what happened when the error occurs: > 1: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (id 516) > 2: B > 3: A (id 516, 48bytes) > 4: SSL_ERROR_WANT_READ > 5: AA (id 516, 80bytes) > 6: ???????????????????????????????? (1500 bytes, unknown) > 7: A (id 516, 48bytes) > 8: ???????????????????????????????? (1500 bytes, same as 6 but not sure) > > All packets have the same identifier, yes, this is what I can't believe. > And also I don't know from where the 80 bytes block size came from!? > > I hope that with this example, i could make more clear the problem. > > Thanks, for the reply. > > Pau > > On Sat, Aug 30, 2008 at 4:40 AM, Pau Rodriguez Estivill > <[EMAIL PROTECTED]> wrote: >> I always try to do an SSL_read every time I give a new packet to >> OpenSSL library, >> It's true that I only try it once per packet I give. >> >> Maybe I should try SSL_pending after this read, to ensure that aren't more >> data. >> Normally SSL_pending return 0, even before trying to read. >> >> When I call to SSL_read and it give me an error, as I said, the next >> time I call SSL_read it give me a wrong buffer but it's size is >> correct according last SSL_write from the other computer. But at least >> the first bytes of the block are not correct, because it doesn't >> appear as a IPv4 valid packet (I mean an internal packet from the >> inside of the VPN). And also any of the next SSL_reads return a valid >> decoded block or at least not starting from the first byte. And none >> of them return any SSL_* error. >> I really think it could be a problem of buffers management. I also >> don't trust the DTLS implementation just because I know any >> application how make an extensive usage of this >> implementation/protocol. >> >> Maybe anybody can propose a test to get more information about this problem. >> >> Thanks, for the reply. >> >> Pau >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
