David, no it's not that simple.

> 1) You specifically did not tell OpenSSL to accept a moving write buffer.

Correct, I did not tell OpenSSL to accept a moving write buffer... but then
again, why would I?  If I haven't set SSL_MODE_ENABLE_PARTIAL_WRITE, then
why should the stack care if the buffer moved during the next call?  Also,
the documentation on SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER specifically says
"(the buffer contents must stay the same)", which as I described it does
not.

> 2) You are wondering why OpenSSL is not accepting a moving write buffer.

The buffer is more than moving; it's also a different size and with
different content.  If I'm reading the code correctly, in
s3_pkt.c:ssl3_write_pending:

        if ((s->s3->wpend_tot > (int)len)
                || ((s->s3->wpend_buf != buf) &&
                        !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
                || (s->s3->wpend_type != type))
                {
                SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
                return(-1);
                }

there's more to this "if" than SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER... i.e.
the check against the length alone could cause this error.  So yes, I am
wondering why OpenSSL is not accepting this buffer.

For grins, I tested with setting SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, and as
I expected, it still fails.  If I'm missing something even more basic,
please explain.  Thanks, Mark.




-----Original Message-----

> Anyway, I'm on 0.9.8e and I've got an application that's doing a lot of
> BIO_write's to a server via TLS.  When the write buffer is full, I get -1
> from BIO_write (as expected) and BIO_should_retry returns "do retry" (as
> expected), but when I go to write again a little bit later I get
> SSL_R_BAD_WRITE_RETRY.  Now, the important part of this is I'm not writing
> the same thing the second time... it's a different buffer, different
> contents, different length.  In my application, the old buffer is stale and
> the new one is more applicable so I'm not writing the same thing again even
> though the previous write never got sent.  Now,
> SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER doesn't really help me, since the buffer
> contents and length are different.  But since I'm not using
> SSL_MODE_ENABLE_PARTIAL_WRITE, I'm not sure why any of this matters anyway?
> Shouldn't the behavior of the BIO_write in the mode of no partial writes be
> as if the BIO_write never happened if it fails?  I'm wondering why there's
> leftover state causing this error?

Just to clarify:

1) You specifically did not tell OpenSSL to accept a moving write buffer.

2) You are wondering why OpenSSL is not accepting a moving write buffer.

Does that sum up your problem?

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [EMAIL PROTECTED]
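
Added example, not part of the original thread and not OpenSSL source: a stand-alone C model of the condition quoted from ssl3_write_pending, showing which retries each clause rejects. The struct, the function name retry_accepted, the MODEL_* constants and the buffer sizes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for this model; not OpenSSL's own definitions. */
#define MODEL_ACCEPT_MOVING_WRITE_BUFFER 0x2L
#define MODEL_RT_APPLICATION_DATA 23
#define MODEL_RT_OTHER 22

/* The three fields the quoted check reads: state left behind by a write
 * that asked for a retry before its data was fully sent. */
struct pending_write {
    const void *wpend_buf;  /* buffer given to the interrupted write */
    int wpend_tot;          /* number of bytes that write was asked to send */
    int wpend_type;         /* record type of that write */
};

/* Returns 1 if a retry with (buf, len, type) passes the quoted condition,
 * 0 if it would raise the bad-write-retry error. */
int retry_accepted(const struct pending_write *p, const void *buf,
                   unsigned int len, int type, long mode)
{
    if ((p->wpend_tot > (int)len)
        || ((p->wpend_buf != buf) && !(mode & MODEL_ACCEPT_MOVING_WRITE_BUFFER))
        || (p->wpend_type != type))
        return 0;
    return 1;
}

/* Constructed sample state: a 512-byte write is pending from old_msg. */
static char old_msg[512], new_msg[128], moved_copy[512];
static const struct pending_write pending =
    { old_msg, (int)sizeof old_msg, MODEL_RT_APPLICATION_DATA };

int main(void)
{
    long flag = MODEL_ACCEPT_MOVING_WRITE_BUFFER;
    int t = MODEL_RT_APPLICATION_DATA;

    printf("same buffer, same length, no flag : %d\n",
           retry_accepted(&pending, old_msg, sizeof old_msg, t, 0));
    printf("same-size copy elsewhere, no flag : %d\n",
           retry_accepted(&pending, moved_copy, sizeof moved_copy, t, 0));
    printf("same-size copy elsewhere, flag set: %d\n",
           retry_accepted(&pending, moved_copy, sizeof moved_copy, t, flag));
    printf("shorter new buffer, flag set      : %d\n",
           retry_accepted(&pending, new_msg, sizeof new_msg, t, flag));
    return 0;
}
```

In this model the shorter replacement buffer is rejected by the length clause alone, whether or not the moving-buffer flag is set.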
