>From: owner-openssl-us...@openssl.org On Behalf Of Derek Cole
>Sent: Sunday, 14 October, 2012 17:36
>I am trying to use SSL_connect. I have bound a socket to my interface,
>set up the context, and call SSL_connect(). This is returning a -1,
>which I catch, and call SSL_get_error() to fall through a switch
>statement. It is retuning a SSL_ERROR_WANT_WRITE
Presumably on a nonblocking socket, or you shouldn't get WANT_WRITE.
And presumably you mean an SSL object created from an SSL_CTX object.
Although both of these can be called context in a generic sense,
openssl uses that term for SSL_CTX.
>So I am trying to use pselect in a while loop here to get the return.
>I call SSL_get_fd() to get the file descriptor, FD_SET() to add
>to my fd_set, and then pselect(ssl_fd+1, 0, &fds, 0, &timeout, NULL)
>This reaches my timeout every time. Is there a reason to see why
>it is not connecting, even though the intiial SSL_connect returned
WANT_WRITE?
You say you bound the socket (which isn't usually needed on an
outgoing connection) but you don't say you TCP-connected it.
Only after it's connected -- and I believe fully-connected
for nonblocking, but I'm not positive of that -- can it show
either writable or readable to pselect et amici.
SSL_connect only does the SSL part, not the TCP part.
If you use connect_BIO to create the socket, *it* does
the TCP-connect, but in that case you wouldn't directly
manipulate the socket as you describe.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
