> From: owner-openssl-users On Behalf Of Dave Mitchell
> Sent: Thursday, October 24, 2013 06:25
> On Sun, Oct 20, 2013 at 09:29:53PM +0100, Dave Mitchell wrote:
> > The man page for SSL_get_error() lists the SSL_* functions it can be
used
> > with, and it doesn't mention SSL_shutdown().
> >
> > On the other hand, the man page for SSL_shutdown() says that for
> > non-blocking I/O, you should call SSL_get_error().
> >
It also says for return -1 (like all SSL_ comm functions for -1),
but maybe not for return 0, see below.
> > So which is right?
> >
The more specific one usually is, and apparently is in this case.
> > I ask, because in the following code:
> >
> > ret = SSL_shutdown(ssl);
> > ssl_err = SSL_get_error(ssl, ret);
> >
> > I'm getting ret = 0, ssl_err = 5 (SSL_ERROR_SYSCALL).
> > This is using a bio_pair, where my own code handles the underlying reads
> > and writes (all single threaded), so SSL_shutdown() shouldn't be doing
any
> > system calls (and indeed strace shows that it isn't). So I'm confused.
>
...
RETURN VALUES
The following return values can occur:
1 ...
0 The shutdown is not yet finished. Call SSL_shutdown() for a
second
time, if a bidirectional shutdown shall be performed. The output
of SSL_get_error(3) may be misleading, as an erroneous
SSL_ERROR_SYSCALL may be flagged even though no error occurred.
-1 ...
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
