Does anyone know if it is possible, and how, to control the way OpenSSL communicates with the remote host? Wget normally precedes each read() and write() with a select() that enforces the idle timeout specified by the user using --read-timeout and --timeout.
In SSL it is not enough to select() before SSL_read because SSL_read can and does call read multiple times, which breaks the intended timeout semantics. Is there a way to prevent this? Manual for BIO_new_bio_pair(3) indicates that this could be done by obtaining a BIO pair: The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface. However, it doesn't go on to provide an example how to do so, it only offers a vague description.