Hi,
Thanks for the detailed explanation. Just a coupla more doubts :)
Bodo Moeller wrote:
> SSL_read cannot return anything until a complete record has been
> received over the network. If the SSL_read request is for less bytes
> than contained in that record, then the rest will be buffered. Thus
> applications do not have to worry about record boundaries when using
> SSL_read.
>
> SSL_write will send the data passed to it in a single record unless
> unless the request is too large for one record. So for efficiency,
> avoid repeated calls to SSL_write with small (less than 16 KB)
> payloads if you can; if you buffer the data until you have 16 KB, then
> some network overhead will be avoided.
The SSLPlainText record, the SSLCompressed record and the SSLCipherText
record all have a length field. Then what does it mean to say that the
record size is 16 KB ? and which of the the above 3 records is
it?
Lets say a server wants to write plaintext of just 1 KB ? Must OpenSSL
then, somehow buffer/encrypt this data to become 16 KB (becasue as
pointed out SSL_read won't return until it has a complete record)?
Wouldn't this be a wastage of bandwidth?
I am somewhat confused by the choice of record size and would greatly
appreciate any explanation.
Thanks,
Amit.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]