On Thu, Jul 31, 2008 at 11:49:05AM -0700, David Schwartz wrote: > > > 3) We call SSL_read with our 8k buffer. The received data does not fit, > > so OpenSSL buffers it internally and returns 8K with > > SSL_ERROR_WANT_READ. > > How it can both succeed (returning 8K) and fail (returning > SSL_ERROR_WANT_READ)?
Let me trace through the application. Looking at the source code, it appears that the application may have a bug (checking the SSL error stack via SSL_get_error() when SSL_read() returned > 0) but that what is actually happening here is: 1) SSL_read() is returning < 0, SSL_get_error() is returning WANT_READ *but* 2) Internally, SSL_read has taken the bytes from the socket buffer, so calling select() on the fd for read will still never work. There seems to be no way for the application to know that what it *really* needs to do is retry the call with a larger buffer, that nothing else will suffice. In other words, by code inspection, it seems the bug's actually worse than I thought. But I'll trace through it too to double-check. Thor ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
