> > > 1) You specifically did not tell OpenSSL to accept a moving
> > > write buffer.
> >
> > Correct, I did not tell OpenSSL to accept a moving write
> > buffer... but then again, why would I?
>
> Because your write buffer moves.
>
> > If I haven't set SSL_MODE_ENABLE_PARTIAL_WRITE, then
> > why should the stack care if the buffer moved during the next call?
>
> Because you specifically asked it to care.
>

AGAIN... since I'm not using SSL_MODE_ENABLE_PARTIAL_WRITE,
I would expect no part of the buffer I provide to be used in a write
failure situation and therefore there should be no concept of a write
buffer moving... the next write is a new and unrelated write.
To clarify, I would expect that the write would return that it either:

  a) sent everything (len), or
  b) sent nothing (zero or error)

Either way, I would expect that the next call to write would be completely
independent from the previous.  It's not clear to me why you cannot see
this perspective.  I suppose you're thinking the same thing about my
position.  If it just doesn't work that way, I certainly don't know what
SSL_MODE_ENABLE_PARTIAL_WRITE is for then.

> > Also,
> > the documentation on SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER specifically says
> > "(the buffer contents must stay the same)", which as I described it does
> > not.

> This setting *loosens* restrictions, it does not tighten them.

Yes I know, but it doesn't loosen them *enough*.  Again, I have a different
buffer with different contents, so that doesn't help.  I need a
SSL_MODE_DISCARD_FAILED_WRITE_BUFFERS or something.

> > For grins, I tested with setting
> > SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, and as
> > I expected, it still fails.

> Comments like, "I tried that and it still fails" are just not helpful. Does
> it fail precisely the same way?

Yes, precisely the same way.  If I had more pertinent info I would have
added it.

> One could imagine an SSL library that supported this. OpenSSL just doesn't

It would have been easier on both of us to simply say that from the
get-go...
I'm not sure why we're beating around the bush here.

For anyone who might run into the same problem, the horrible workaround which
does work is if you run into a retry situation, save the buffer, and send
it again next time even though it's out of date and you don't want to send
it.
Then you can check if you're in this mode and skip further sends until the one
bogus retry buffer finally does get through. And you'll probably have to set
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER as I did. It's a total waste of bandwidth
in an already congested situation but at least the connection doesn't
error-out and close on you.

If anyone else has a better solution, I'm all ears... Thanks.

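The workaround described in the message above, sketched as an added example (not code from the original post or from OpenSSL). `write_fn` is a hypothetical callback standing in for `SSL_write()` plus `SSL_get_error()`, and `fake_write` is a constructed transport used only to exercise the logic.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for SSL_write() + SSL_get_error() (not an OpenSSL API):
 * > 0 = whole buffer sent, 0 = retry later (WANT_WRITE/WANT_READ), < 0 = fatal. */
typedef int (*write_fn)(void *ctx, const void *buf, int len);

typedef struct {
    unsigned char *pending;  /* private copy of the write that must be repeated */
    int pending_len;
} retry_writer;

/* Returns 1 if buf was sent, 0 if it was skipped or saved for retry, -1 on error. */
int rw_send(retry_writer *w, write_fn wr, void *ctx, const void *buf, int len)
{
    int r;
    if (len <= 0) return -1;
    if (w->pending) {
        /* Retry mode: repeat the saved bytes unchanged and skip the new data.
         * The copy sits at a different address than the caller's buffer, which
         * is why the post sets SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER. */
        r = wr(ctx, w->pending, w->pending_len);
        if (r < 0) return -1;
        if (r > 0) { free(w->pending); w->pending = NULL; w->pending_len = 0; }
        return 0;
    }
    r = wr(ctx, buf, len);
    if (r != 0) return r > 0 ? 1 : -1;
    w->pending = malloc((size_t)len);   /* retry requested: keep a stale copy */
    if (!w->pending) return -1;
    memcpy(w->pending, buf, (size_t)len);
    w->pending_len = len;
    return 0;
}

/* Constructed fake transport for the demo: refuses the first `blocked` calls
 * and records the last bytes it accepted. */
typedef struct { int blocked; char last[32]; } fake_link;

int fake_write(void *ctx, const void *buf, int len)
{
    fake_link *l = ctx;
    if (len >= (int)sizeof l->last) return -1;
    if (l->blocked > 0) { l->blocked--; return 0; }
    memcpy(l->last, buf, (size_t)len);
    l->last[len] = '\0';
    return len;
}
```
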