>From: [email protected] On Behalf Of David Geib
>Sent: Monday, 18 February, 2013 09:45
>You can't use strerror for OpenSSL errors. Look into
>ERR_get_error() and ERR_error_string().
After *most* OpenSSL errors. Errors (only) on an underlying
I/O operation, in particular a socket I/O operation, return
SSL_ERROR_SYSCALL from SSL_get_error, and in that case you
should use errno (+ strerror) for Unix and WSAGetLastError()
(+ some Windows stuff) for Windows. (And I don't know what
for VMS, if you still have one.) Plus there are a few odd
corners that don't use ERR_* at all; the last one I remember
running into was txt_db.
But for the returns from SSL_get_error, which OP asked about,
just match to SSL_ERROR_* and 2 is indeed _WANT_READ.
>I think what's happening with your code is that you set a recv timeout
>on the listen socket, so you listen for one second and then hit the
>timeout and the socket returns EWOULDBLOCK/EAGAIN to OpenSSL which
>causes OpenSSL to return SSL_ERROR_WANT_READ.
specifically SSL_get_error returns that after DTLSv1_listen returns -1.
And similarly for nearly all other protocol functions; this is just
the first one the program attempted.
>So do whatever you wanted to do if the timeout expired, or don't set one.
yes.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
