Hi,

SSL_pending() returns the number of bytes in the SSL buffer that have been
decrypted by not requested by SSL_read().  This will occur when there is a
mismatch between the number of bytes requested by SSL_read() and the block
size used to encrypt/decrypt the data.

SSL_ERROR_WANT_READ (and SSL_ERROR_WANT_WRITE) are returned to indicate that
an SSL handshake is going on, and is not complete, so you should re-call the
same function.  No data will be decrypted into the SSL buffer, so
SSL_pending() will always return zero.

This is described in the manual pages, I believe, and in Mr Rescorla's
excellent book.

G.


-----Original Message-----
From: Patrick Li [mailto:[EMAIL PROTECTED]]
Sent: 12 March 2002 20:35
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: SSL_pending() and SSL_ERROR_WANT_READ


Hi,

I am experiencing the followings when running my SSL client on nonblocking
sockets.

1.  SSL_read() fails and SSL_get_error() returns SSL_ERROR_WANT_READ
2.  my client program calls SSL_pending() and it returns non-zero.
3. since SSL_pending() is returning non zero, that is data available and my
program won't select on the read socket.
4.  call SSL_read() again and it returns SSL_ERROR_WANT_READ

My question is the SSL_pending() returning of non-zero is misleading.  As
the subsequent SSL_read() call at step 4 is returning SSL_ERROR_WANT_READ
again.  So, may be I should not check  SSL_pending() when SSL_read() returns
SSL_ERROR_WANT_READ?

Can someone confirm?

Thanks a lot.
Patrick


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to