> Thanks Darryl for your help.
>
> I wrote that "when I send a new packet from the client I can read the missing packets, but not the new one". But in fact I can read the missing packets and a part of the second packet.
>
> Here is the trace. I send a frame of 10 bytes from the client, and the server reads 5 bytes.

Your problem is basically that you are waiting for network I/O when the network I/O you are waiting for has already occurred. Do not assume that there will be no *decrypted* data unless you *know* there is no decrypted data. That 'select' tells you there is no *encrypted* data (for SSL to receive from the socket and decrypt) does not mean there is no *decrypted* data (that has already been received and decrypted).

You should, ideally, rely on no assumptions about how moving encrypted data will affect the motion of decrypted data. In other words, you should *never* assume that OpenSSL will not be able to give you more decrypted data from the other side until it reads more encrypted data from the other side unless OpenSSL specifically tells you that this is the case (through a WANT_READ indication).

This is what you are doing by waiting for 'select' to tell you there is more *encrypted* data for SSL to read. It is wrong unless the last thing OpenSSL told you was that SSL_read returned WANT_READ.

DS
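
The 10-byte/5-byte symptom from the thread, reproduced as an added example that is not part of the original messages and is not OpenSSL code. `struct toy_ssl`, `toy_read` and `TOY_WANT_READ` are hypothetical stand-ins that model only the buffering behaviour of `SSL_read` and its WANT_READ indication; the chunk size is assumed to be between 1 and 64.

```c
#include <stdio.h>
#include <string.h>

/* Toy stand-in for an SSL connection (hypothetical, not OpenSSL): it models
   only where the bytes sit, on the socket or already decrypted in memory. */
enum { TOY_WANT_READ = -1 };
struct toy_ssl {
    size_t wire_len;             /* encrypted bytes still on the socket */
    char plain[64];              /* bytes already received and decrypted */
    size_t plain_len, plain_off;
};

/* What select() can see: only undecrypted bytes on the socket. */
static int socket_readable(const struct toy_ssl *s) { return s->wire_len > 0; }

/* Modelled on SSL_read: takes a whole record off the socket at once, then
   hands out at most n bytes per call. */
static int toy_read(struct toy_ssl *s, char *out, size_t n) {
    if (s->plain_off == s->plain_len) {
        if (s->wire_len == 0) return TOY_WANT_READ;
        memset(s->plain, 'x', s->wire_len);    /* "decrypt" the whole record */
        s->plain_len = s->wire_len; s->plain_off = 0; s->wire_len = 0;
    }
    size_t avail = s->plain_len - s->plain_off;
    if (n > avail) n = avail;
    memcpy(out, s->plain + s->plain_off, n);
    s->plain_off += n;
    return (int)n;
}

/* Flawed loop: asks the socket for readiness before every read. */
size_t read_select_first(struct toy_ssl *s, size_t chunk) {
    char buf[64]; size_t total = 0; int r;
    while (socket_readable(s))
        if ((r = toy_read(s, buf, chunk)) > 0) total += (size_t)r;
    return total;
}

/* Loop the reply asks for: read until WANT_READ, and only then wait. */
size_t read_until_want_read(struct toy_ssl *s, size_t chunk) {
    char buf[64]; size_t total = 0; int r;
    while ((r = toy_read(s, buf, chunk)) != TOY_WANT_READ) total += (size_t)r;
    return total;
}

int main(void) {
    struct toy_ssl a = { .wire_len = 10 }, b = { .wire_len = 10 };  /* constructed: one 10-byte record each */
    printf("select first:    %zu of 10\n", read_select_first(&a, 5));
    printf("until WANT_READ: %zu of 10\n", read_until_want_read(&b, 5));
    return 0;
}
```

In the flawed loop the remaining 5 bytes stay in the decrypted buffer until another record makes the socket readable again, which matches the behaviour reported in the quoted message.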