See inlined answers. Next time don't truncate the thread.


To make it clearer. Select or poll will return as soon as the socket is
writable. However, SSL still needs to negotiate keys and encryption with the
peer before you can exchange any data. This is handled transparently for you
in each SSL_write call. Therefore SSL replies to you "Yes the socket is
writeable, but I am not done yet with the handshake".

That would be SSL_ERROR_WANT_READ. If you get SSL_ERROR_WANT_WRITE, that
means OpenSSL found that the socket was not writable.

No. SSL doesn't decide that. It is done at a lower level. It is decided by poll or select. The socket is writable the minute it unblocks (without errors other than SSL_*). And can be either SSL_WRITE or SSL_read. Read the manual.

When you get SSL_ERROR_WANT_WRITE none of your data is written to the
socket.

There is no such guarantee. OpenSSL may have written some, all, or none of
your data to the socket. All that you know is:

Yes, there is. By poll. If you get an error, your data is not written.

1) OpenSSL needs the socket to be writable to make further progress in this
direction.

2) You must provide the same data to OpenSSL the next time you call
SSL_write.

Not necessarily, if you are using moving_buffers.

However, it is entirely legal within the specification for all the data to
appear on the other end of the connection. (Though in practice, this won't
happen.)

You need to put it in a loop and call select or poll again. If you
want to be efficient and not do many loops, put a sched_yield(); inside your
loop.

That would be pointless. The 'select' or 'poll' function permits efficient
blocking and beneficial context switches. Adding a sched_yield only adds
context switches where they are not necessary and blows out the caches.

Not in the case of SSL. Once poll unblocks, SSL still needs the socket to do its stuff. If you try to write or read the minute poll unblocks, you will be in trouble. You have to wait, in a loop, sometimes 50 loops. To be more CPU efficient, you can use sched_yield(), but it is up to you.

It's all in the manual. Read it.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
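
An added illustration, not part of the thread and not OpenSSL project code: Python's ssl module wraps OpenSSL and raises SSLWantReadError / SSLWantWriteError where the C API returns SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE, so the select-and-retry behaviour discussed above can be observed on a writable socket whose handshake has not finished. The silent socketpair peer, the host name peer.example and the helper names are constructed for the example.

```python
import select
import socket
import ssl

def open_pair():
    """Non-blocking TLS client on one end of a socketpair; the other end is a
    plain socket that never answers (constructed stand-in for a slow peer)."""
    raw, peer = socket.socketpair()
    raw.setblocking(False)
    ctx = ssl.create_default_context()
    tls = ctx.wrap_socket(raw, server_hostname="peer.example",  # placeholder
                          do_handshake_on_connect=False)
    return tls, peer

def send_all(tls, data, timeout):
    """Retry send() with the same unsent data, sleeping in select() on the
    event the error named. Returns (sent, attempts, event_timed_out_on)."""
    attempts, sent = 0, 0
    while sent < len(data):
        attempts += 1
        try:
            sent += tls.send(data[sent:])
            continue
        except ssl.SSLWantReadError:     # SSL_ERROR_WANT_READ
            wait, ready = "read", select.select([tls], [], [], timeout)[0]
        except ssl.SSLWantWriteError:    # SSL_ERROR_WANT_WRITE
            wait, ready = "write", select.select([], [tls], [], timeout)[1]
        if not ready:
            return sent, attempts, wait  # timed out; caller decides
    return sent, attempts, None

def spin_on_writable(tls, data, max_loops):
    """For comparison: wait for writability only, then retry. Each pass
    returns from select() at once, so the loop spins until the peer answers."""
    for loops in range(1, max_loops + 1):
        select.select([], [tls], [], 1.0)
        try:
            return tls.send(data), loops
        except (ssl.SSLWantReadError, ssl.SSLWantWriteError):
            pass
    return 0, max_loops

if __name__ == "__main__":
    tls, peer = open_pair()
    print("send_all:", send_all(tls, b"hello", 0.2))          # one attempt
    print("writable now:", bool(select.select([], [tls], [], 0)[1]))
    print("spin:", spin_on_writable(tls, b"hello", 50))       # fifty attempts
    tls.close(); peer.close()
```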
