On Oct 9, 2013, at 10:59 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote:
> A better solution is to not call SSL_pending() until the SSL
> handshake completes.  For now you should keep track of whether
> SSL_accept() has completed for a given session, and refrain from
> SSL_pending() until then.

Agreed, but my code never calls SSL_accept(); instead it just calls 
SSL_set_accept_state() during setup.
Given that, I'm not sure how to detect that the handshake has completed.  Is 
there a way to know?

> By using SSLv3_method() you don't get to take advantage of improvements
> in TLSv1, TLSv1.1 or TLSv1.2.  You only get SSLv3.  SSLv3 is
> obsolete, you should be using TLS 1.0 or later.

I see.

> Also perhaps the SSL_pending() function should not fail in such a
> surprising way.  When called before the handshake has completed,
> it should perhaps simply return 0.

Agreed.  I've sent a bug report to r...@openssl.org requesting that.

-Jeremy
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
