On Wed, May 25, 2005 at 09:43:00AM +0100, Philip Hazel wrote: > On Wed, 25 May 2005, Ian FREISLICH wrote: > > > If the underlying BIO is non-blocking, SSL_write() will also return, > > when the underlying BIO could not satisfy the needs of SSL_write() to > > continue the operation. In this case a call to SSL_get_error(3) with > > the return value of SSL_write() will yield SSL_ERROR_WANT_READ or > > SSL_ERROR_WANT_WRITE. As at any time a re-negotiation is possible, a > > call to SSL_write() can also cause read operations! The calling > > process > > then must repeat the call after taking appropriate action to satisfy > > the needs of SSL_write(). The action depends on the underlying BIO. > > When using a non-blocking socket, nothing is to be done, but select() > > can be used to check for the required condition. When using a > > buffering > > BIO, like a BIO pair, data must be written into or retrieved out of > > the > > BIO before being able to continue. > > Fascinating, but I'm afraid that's all completely over my head! I'm > really not good at the SSL stuff, and remember, Exim supports GnuTLS as > well as OpenSSL. What is currently there seems to work, and as I have > far too much other stuff to do, my judgement at the moment is to leave > well alone.
it's nasty, because it can make a select loop much more tangled. One alternative would be to fork a process to proxy between SSL and non-SSL connections, though this has its own disadvantages. -- ``Saying that road tax should be spent on transport is like saying that alcohol duty should be spent on pubs.'' (seen on the internet) -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
