On Thu, Apr 17, 2014 at 7:04 PM, <openssl-us...@dukhovni.org> wrote: > On Thu, Apr 17, 2014 at 12:48:11PM -0400, Jeffrey Walton wrote: > >> > This would be the job of a buffering layer above the SSL connection. >> > In Postfix, for example, there is a buffering "vstream" layer above >> > SSL. Peeking at plaintext data without consuming it is a vstream >> > layer feature. >> >> SSL_peek? I'm not sure if its intended to be a public function, >> though. But it is used in s_client. > > Generally the public SSL library interfaces have names that start > with "SSL_" (upper case) and the private interfaces have names that > start with "ssl_" (lower case), so likely SSL_peek() is a public > interface. Unfortunately, not all the public interfaces are documented > as such, so we are sometimes forced to guess. > > In this case there are brief references to SSL_peek() in the > SSL_get_error(3) and ssl(3) manpages, so the evidence for a public > interface is stronger, though the function is not fully documented. >
I have to admit that I tried SSL_peek() and noticed that the behavior is a bit different than I expected. I am using M2Crypto [1] as openssl wrapper for python and when I use SSL_peek() I noticed that there is no read event after peeking for select.select() or select.poll(). It seems that it behaves a bit different than reading with socket.MSG_PEEK flag. 1. https://pypi.python.org/pypi/M2Crypto > > -- > Viktor. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
