> TCP can do half-duplex connections (read side shut down, write side
> still operating).
> OpenSSL can not do half-duplex connections.

True.

> An innocent OpenSSL API user is not told that OpenSSL can not do
> half-duplex connections and that he must not try.

Nonsense. It is impossible for him to try, so it's pointless to warn him not to. We don't warn people not to become invisible because it's impossible for people to become invisible. There is no function analogous to shutdown(SHUT_RD) for SSL connections. No such function exists.

> > What do you see as the difference between OpenSSL's behavior
> > and classic TCP
> > behavior in this case?

> I hope I answered you adequately in the section above, combined with the
> supporting details in my previous emails.

You are correct that one difference between SSL connections and TCP connections is that it is impossible to even attempt a half-duplex SSL connection. But since you can't even try to create one since no function exists to do it, what possible documentation would you want? Do you want "Note: There is no function analogous to shutdown(SD_RD) for SSL connections." I don't see how pointing out the nonexistence is going to help anyone. Anyone not looking for it likely doesn't care whether it exists or not. Anyone looking for it won't find it and will quickly realize that it doesn't exist.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org