On Saturday 31 March 2007 13:30, David Schwartz wrote:
> > It's just this I'm having a hard trouble to grasp.
> > Normally with say 'write' I would do
> >
> > // pseudo code
> > while(written < len)
> > written += write(fd, my_packet + written, len - written);
> >
> > But because SSL_write handles an internal queue and calls for
> > sending the same
> > argument all the time I thought I would do:
> >
> > while( SSL_write(ssl, my_packet, len) <= 0 )
> > /* I assume I get SSL_WANTS_WRITE here */
>
> This says, "either all my data will be sent or none of it will". How can
> that possibly be done in a non-blocking way? What is OpenSSL supposed to do
> if the underlying socket accepts a partial write?
Looking at the function do_ssl3_write I see the following being run
upon the first write performed, (no write buffer pending)
/* memorize arguments so that ssl3_write_pending can detect bad write
retries later */
s->s3->wpend_tot=len;
s->s3->wpend_buf=buf;
s->s3->wpend_type=type;
s->s3->wpend_ret=len;
/* we now just need to write the buffer */
return ssl3_write_pending(s,type,buf,len);
When ssl3_write_pending has a pending buffer it will call
return ssl3_write_pending(......) directly, instead of anything else.
And in the function ssl3_write_pending I see the following:
i=BIO_write(s->wbio, (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
(unsigned int)s->s3->wbuf.left);
............skipping a few lines ................
if (i == s->s3->wbuf.left)
{
s->s3->wbuf.left=0;
s->rwstate=SSL_NOTHING;
return(s->s3->wpend_ret);
}
else if (i <= 0) return i;
Which makes me think that the function will return either an error <=0
or return the TOTAL len that should have been written.
So that makes it true that I should ALWAYS call SSL_write with the SAME
parameters and expect either len or SSL_WANTS_WRITE.
But again, if I'm wrong, please say so. I'm just desperately trying to figure
out how to use this function properly so that even my partial writes will
work when I'm having a very busy network buffer.
>
> > Meaning, SSL_write only returns 0 - get_error returns SSL_WANTS_WRITE
> > But with partial writes (or perhaps even otherwise) I will have
> > to send that I
> > could not send before
>
> Right.
>
> > while( (ret=SSL_write(ssl, my_packet + written, len - written)) <= 0 ||
> > written < len) written+=ret;
> > /* something like that */
> >
> > Meaning, SSL_write will return 0 for SSL_WANTS_WRITE if something
> > failed and
> > it wants to get called again, with the SAME value (my_packet + written,
> > len-written).
> > And return for instance the number 5 if 5 bytes has been written.
> > Therefore, thereafter I must call (my_packet + written(5),
> > len-written(5)) and continue to do so as long as I get SSL_WANTS_WRITE
> > Am I wrong with this?
>
> You are correct. If you successfully send the first 50 bytes of the 100
> bytes you wanted to send, you now only need to send the 50 remaining bytes.
>
> Note that if you have partial writes disabled, there's only one reason to
> call SSL_write a second time after a partial return (since the underlying
> write already tried to avoid a partial write and that must have failed to
> send any more data). The reason wouled be to determine if the problem was a
> fatal connection problem, a 'want read' indication, or a 'want write'
> indication. Otherwise, it's hard to know when to try writing again.
So what would be your recommendation?
Partial writes or not ?
It all seems a bit unclear to me still I'm afraid. mostly because we didn't
seem to be on the same page with the return values of SSL_write.
Thanks for bearing with me
/Tommy Wallberg
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
