Hi!
Where did you get the man page for SSL_get_error() from?
How can I find man pages for other SLL functions?
Thanks
Amnon Cohen
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 26, 2000 12:35 AM
> To: [EMAIL PROTECTED]
> Cc: Matti Aarnio
> Subject: Re: SSL_connect() fails on non-blocking sockets.
>
>
> Matti Aarnio <[EMAIL PROTECTED]>:
>
> > It turned out that while the socket the SMTP client code creates is
> > running in non-blocking mode, I must temporarily turn the
> blocking mode
> > on while the SSL setup negotiations are under way.
> > I don't know if creating some wrapper to retry calls to
> SSL_connect()
> > would have helped, but such would have been rather massively kludgy
> > thing..
>
> SSL_connect needs multiple I/O operations in both directions,
> so you cannot expect it to finish at once for non-blocking I/O.
> SSL_connect returning -1 does not always indicate an error.
> Use SSL_get_error to find out if the application should
> select() for readable bytes or for a possibility to write
> more data.
>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
>
> NAME
> SSL_get_error - obtain result code for SSL I/O operation
>
> SYNOPSIS
> #include <openssl/ssl.h>
>
> int SSL_get_error(SSL *ssl, int ret);
>
> DESCRIPTION
> SSL_get_error() returns a result code (suitable for the C
> "switch" statement) for a preceding call to SSL_connect(),
> SSL_accept(), SSL_read(), or SSL_write() on ssl. The value
> returned by that SSL I/O function must be passed to
> SSL_get_error() in parameter ret.
>
> In addition to ssl and ret, SSL_get_error() inspects the current
> thread's OpenSSL error queue. Thus, SSL_get_error() must be used
> in the same thread that performed the SSL I/O operation, and no
> other OpenSSL function calls should appear inbetween. The
> current thread's error queue must be empty before the SSL I/O
> operation is attempted, or SSL_get_error() will not work
> reliably.
>
> RETURN VALUES
> The following return values can currently occur:
>
> SSL_ERROR_NONE
> The SSL I/O operation completed. This result code is
> returned if and only if ret 0>.
>
> SSL_ERROR_ZERO_RETURN
> The SSL connection has been closed. If the protocol version
> is SSL 3.0 or TLS 1.0, this result code is returned only if
> a closure alerts has occured in the protocol, i.e. if the
> connection has been closed cleanly.
>
> SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
> The operation did not complete; the same SSL I/O function
> should be called again later. There will be protocol
> progress if, by then, the underlying BIO has data available
> for reading (if the result code is SSL_ERROR_WANT_READ) or
> allows writing data (SSL_ERROR_WANT_WRITE). For socket BIOs
> (e.g. when SSL_set_fd() was used) this means that select()
> or poll() on the underlying socket can be used to find out
> when the SSL I/O function should be retried.
>
> Caveat: Any SSL I/O function can lead to either of
> SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE, i.e.
> SSL_read() may want to write data and SSL_write() may want
> to read data.
>
> SSL_ERROR_WANT_X509_LOOKUP
> The operation did not complete because an application
> callback set by SSL_CTX_set_client_cert_cb() has asked to be
> called again. The SSL I/O function should be called again
> later. Details depend on the application.
>
> SSL_ERROR_SYSCALL
> Some I/O error occurred. The OpenSSL error queue may contain
> more information on the error. If the error queue is empty
> (i.e. ERR_get_error() returns 0), ret can be used to find
> out more about the error: If ret == 0, an EOF was observed
> that violates the protocol. If ret == -1, the underlying BIO
> reported an I/O error. (For socket I/O on Unix systems,
> consult errno.)
>
> SSL_ERROR_SSL
> A failure in the SSL library occured, usually a protocol
> error. The OpenSSL error queue contains more information on
> the error.
>
> SEE ALSO
> ssl(3), err(3)
>
> HISTORY
> SSL_get_error() was added in SSLeay 0.8.
>
> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> <<<<<<<<<<<<<<<
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
