I'm trying to write a secure embedded HTTP server using OpenSSL. I'm using non-blocking I/O, and the main functions I'm using are SSL_accept(), SSL_read(), SSL_write(), and SSL_shutdown(). After each one, I want to handle all possible return codes, but I can't find docs that describe the meaning of them all. I've read many pages under http://www.openssl.org/docs/ssl/ and reviewed s_server.c .
For example, SSL_accept() sometimes returns 0, with SSL_get_error() returning SSL_ERROR_SYSCALL . No errors show up from ERR_get_error(). How should I handle this? Merely trying the SSL_accept() again results in a busy loop with the same results. Here's the block of code in question, in Perl and using the Net::SSLeay module (which is basically wrappers around OpenSSL functions with the "SSL_" prefixes removed). $select_read and $select_write are IO::Select objects, which are collections of handles to use in a select() call: ================================== my $rv= Net::SSLeay::accept($ssl) ; if ($rv<=0) { my $err= Net::SSLeay::get_error($ssl, $rv) ; if ($err==Net::SSLeay::ERROR_WANT_READ() or $err==Net::SSLeay::ERROR_WANT_ACCEPT()) { $select_read->add($socket) ; $select_write->remove($socket) ; } elsif ($err==Net::SSLeay::ERROR_WANT_WRITE()) { $select_write->add($socket) ; $select_read->remove($socket) ; } elsif ($err==Net::SSLeay::ERROR_SYSCALL()) { warn Net::SSLeay::ERR_error_string($err) . "\n" while $err= Net::SSLeay::ERR_get_error() ; } return 0 ; # Upon success, do stuff. } else { # do stuff . . . } ================================== The zero+SSL_ERROR_SYSCALL busy-loop result comes when using Chrome 19.0.1084.56, but not Firefox 13.0. When I kill the server process, either browser immediately displays the resulting page correctly. Does this behavior ring any bells? This is all on Linux 3.1.10 (openSUSE). SSL_read(), SSL_write(), and SSL_shutdown() are each handled with a similar block. That's one of several questions I have. A more general question is: Where can I find descriptions of all return codes when using non-blocking I/O? Thanks for any help! Cheers, James