> > Well, if s_client is broken in the blocking mode maybe it should be > > removed completely. I did test it in the non-blocking mode and, of > > course, it does not have the described error. > > So are you saying the bug is: > > * in s_client (for not correctly handling the SSL layer APIs) or > > * the bug is in the SSL library (for issuing 2 blocking system calls > when SSL_MODE_AUTO_RETRY is not set within the same high level SSL layer > API call SSL_read() in this particular case) or > > * you didn't have time to nail down the precise cause > > > If the bug is in the SSL library then s_client may not be broken, its > simply exposing a bug in a corner case.
My first reaction was that this is a bug in the library, but I didn't feel very strong about it and would have accepted that this is just a bug in s_client. I like your argument about the library not having the right to make 2 blocking calls unless retry is set and now I'm back to thinking that this should be fixed in the library. I'm pretty confident that the fix (if it is feasible) is not going to break any correct application code. And I'm pretty confident that it is going to make app. engineer's life easier. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]