On Thu, Mar 14, 2002 at 01:00:46PM -0800, John Hughes wrote: > Since s->rstate is set to SSL_ST_READ_HEADER prior to record > decryption and decompression, wouldn't SSL_pending() still > incorrectly indicate that there is data ready to be read in cases > where either of these fail?
I guess so, but applications should not continue to use the SSL object after such fatal errors. I'm not sure what happens if you use SSL_read() in this case -- wouldn't it return some (garbage) data anyway even though decryption or decompression has failed? Probably ssl3_get_record() should reset the record after such errors to make the library more robust. I think there may be more cases where the library behaves strangely if an application uses an SSL object after a failure for this object. -- Bodo Möller <[EMAIL PROTECTED]> PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html * TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt * Tel. +49-6151-16-6628, Fax +49-6151-16-6036 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]