Hi,

To make it clearer. Select or poll will return as soon as the socket is writable. However, SSL still needs to negotiate keys and encryption with the peer before you can exchange any data. This is handled transparently for you in each SSL_write call. Therefore SSL replies to you "Yes the socket is writeable, but I am not done yet with the handshake".

When you get SSL_ERROR_WANT_WRITE none of your data is written to the socket. You need to put it in a loop and call select or poll again. If you want to be efficient and not do many loops, put a sched_yield(); inside your loop.

BR,
Nikos
----- Original Message -----
From: "David Schwartz" <dav...@webmaster.com>
To: <openssl-users@openssl.org>
Sent: Monday, May 11, 2009 8:53 PM
Subject: RE: SSL_write retruns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.



The short answer to the question in your subject is "yes", you have made a
contract with OpenSSL to do so, so you should fulfill that contract.

Non-Blocking socket.

called SSL_write with data (say 'abc123') and socket 'h'.
Then 'SSL_get_error' found error code SSL_ERROR_WANT_WRITE.

That means that the SSL_write function cannot make forward progress until
the socket becomes writable. You have made a contract to send 'abc123' as
the next six bytes of data, and you cannot change that.

after some time call to 'select' detected that socket 'h' is
writable. (Does it mean that data 'abc123' was written successfully ?)

The question is ambiguous. But since you made a contract to send the data
'abc123', you are still required to send it, whether or not OpenSSL actually
needs to get that data from you. (It might need the data, or it might ignore
the next six bytes since it knows they're 'abc123', that's not your
business.)

Then I have to insert more data (say 'def567'). So before inserting
this data should I re-insert 'abc123' data too ?

Assuming you set MOVING_WRITE_BUFFER (which you should), you can send any
data you want, but you must repeat the send of 'abc123' (possibly with
additional data at the same time).

Because the return value of SSL_write was not a positive integer, no data
was logically consumed between the application and OpenSSL. So you must
re-send the same data, whether or not OpenSSL actually needs it. (Otherwise,
there would be no way to know what data needed to be sent and what didn't
without a more complex interface.)

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager majord...@openssl.org
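
The 'abc123' / 'def567' scenario from the thread, as an added example that is not part of the original messages and is not OpenSSL code. It assumes a constructed stand-in, `fake_tls_write`, which folds the SSL_write() return value and the SSL_get_error() result into one return code so the example runs without linking OpenSSL; `outq_add` and `outq_flush` are hypothetical helper names.

```c
#include <string.h>

/* Constructed stand-in for SSL_write() + SSL_get_error(), so this runs without
 * linking OpenSSL. It models only the retry contract from the thread:
 * returns > 0 (bytes consumed), W_WANT_WRITE (nothing consumed) or W_FATAL. */
enum { W_WANT_WRITE = -1, W_FATAL = -2 };
struct fake_tls {
    int blocked;                  /* calls that will still report WANT_WRITE */
    char pend[64]; int pend_len;  /* bytes promised by the interrupted write */
    char wire[64]; int wire_len;  /* bytes the peer has received */
};

static int fake_tls_write(struct fake_tls *t, const char *buf, int len)
{
    if (len <= 0 || len > (int)sizeof(t->wire) - t->wire_len)
        return W_FATAL;           /* model limit; keeps both memcpy calls in bounds */
    if (t->pend_len && (len < t->pend_len || memcmp(buf, t->pend, t->pend_len)))
        return W_FATAL;           /* retry does not start with the promised bytes */
    if (t->blocked > 0) {         /* socket not writable: nothing is consumed */
        t->blocked--;
        memcpy(t->pend, buf, len);
        t->pend_len = len;
        return W_WANT_WRITE;
    }
    memcpy(t->wire + t->wire_len, buf, len);
    t->wire_len += len;
    t->pend_len = 0;
    return len;
}

/* Application-side queue: bytes leave it only when the write returns > 0. */
struct outq { char data[64]; int len; };
static int outq_add(struct outq *q, const char *s, int n)
{
    if (n < 0 || n > (int)sizeof(q->data) - q->len) return -1;  /* queue full */
    memcpy(q->data + q->len, s, n);
    q->len += n;
    return 0;
}

/* Call when select()/poll() reports writable; returns bytes still queued or -1. */
static int outq_flush(struct outq *q, struct fake_tls *t)
{
    int n = q->len ? fake_tls_write(t, q->data, q->len) : 0;
    if (n > 0) {                  /* consumed: only now may it be dropped */
        memmove(q->data, q->data + n, q->len - n);
        q->len -= n;
    }
    return n == W_FATAL ? -1 : q->len;
}
```

The stand-in compares the retried bytes against the promised ones, which is stricter than a real library needs to be; it is there to make a broken contract show up as an error.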