Bodo Moeller wrote:
> On Tue, Jul 06, 1999 at 11:16:50AM +0200, Juan Pablo Rojas Jimenez wrote:
>
> > Could anyone tell me what's the exact meaning of the possible errors
> > returned in a SSL_read/write call.
>
> Note that those errors are not returned by
> SSL_{accept,connect,read,write}, but are returned by
> SSL_get_error(ssl, r) where r is the return value of one of those.
Oh yes, that what i was meaning.
>
>
> > SSL_ERROR_NONE
>
> That one is easy, I guess :-)
>
> > SSL_ERROR_WANT_WRITE
> > SSL_ERROR_WANT_READ
>
> These can happen only with non-blocking I/O (or with BIO pairs, which
> will be available in OpenSSL 0.9.4). It means that the program has to
> retry the SSL_... call; progress is guaranteed for the next call if
> writing or reading, respectively, is possible on the underlying I/O
> device by then (for sockets, typically select() or poll() will be
> used to determine when time is ready for retry).
Does it mean that when reveiving a SSL_ERROR_WANT_WRITE/READ
the program hasn't sent/received all data it was expecting to... i mean ,
the
data i told him to send/receive , or it could be something that the
library does
internally ( or both )?
>
>
> It is important to keep in mind that all those SSL_... calls may
> *both* read and write: E.g. you can observe SSL_ERROR_WANT_WRITE after
> a SSL_read.
So , what should we do then? retry de call with null parameters? , with
original para
meters. I suppose SSL_read/write returns also the data written/read , so
depending
on this value , i'd have to do one thing or another , am I wrong?
> (Because of this, it is a little tricky to handle
> bidirectional SSL I/O correctly without introducing busy waiting -- if
> you call both SSL_write and SSL_read for the same connection, you do
> not know if a SSL_ERROR_WANT_... from the first call is still valid
> after the second one; querying BIO_number_read and BIO_number_written
> helps here because it makes it possible to find out whether something
> happened on the network connection or not).
If I get a SSL_ERROR_WANT_WRITE after a SSL_read call ( or viceversa )
i have to call SSL_write(ssl,NULL,0) ( for example )?
>
>
> > SSL_ERROR_WANT_X509_LOOKUP
>
> This can happen only for clients that have client_cert_cb set:
> the callback may not be able to return a certificate immediately.
> If you don't use SSL_CTX_set_client_cert_cb, you won't see this one.
>
OK, i don't use it :-)
>
> > SSL_ERROR_ZERO_RETURN
>
> The connection was closed (cleanly).
>
> > SSL_ERROR_SYSCALL
>
> Some error occured at I/O level. If the OpenSSL error stack is empty,
> look at the return value of the SSL_... call: 0 means an EOF was
> observed there (but it was not expected by the protocol -- otherwise
> you'd see SSL_ERROR_ZERO_RETURN). If it is -1, look at errno
> (or its equivalent on non-UNIX, non-POSIX systems).
>
> > SSL_ERROR_SSL
>
> Some protocol error happened, and the OpenSSL error stack knows more
> about it (call, e.g., ERR_get_error again and again until it returns
> 0; ERR_error_string translates those numerical values into readable
> strings).
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
begin:vcard
n:Rojas Jimenez;Juan Pablo
x-mozilla-html:FALSE
org:Faculad de Inform�tica;DDpto. de Lenguajes y Sistemas Infotm�ticos.
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
title:Laboratorio de Teleinform�tica
x-mozilla-cpt:;-31968
fn:Juan Pablo Rojas Jimenez
end:vcard
