[openssl-users] SSL_read, SSL_write error handling

Viktor Dukhovni openssl-users at dukhovni.org
Thu Sep 15 05:01:30 UTC 2016


On Thu, Sep 15, 2016 at 05:07:22AM +0200, Alex Hultman wrote:

> If SSL_write returns the error SSL_ERROR_WANT_READ, am I then allowed to
> call SSL_read before I have called SSL_write?

WANT_READ means that OpenSSL *internally* needs to read some (often
ciphertext) bytes from the peer, and that since the socket is
non-blocking or you're using BIO_pairs, ... the application must
wait for data to arrive (poll(), select(), ...) and then retry
the call once the socket becomes readable.

It is not an invitation to read *application* layer data, which
would typically also fail for lack anything to read at that
moment.

    * WANT_READ -- Select the socket for read, and retry
      the original function (hanshake, read or write) once
      the socket is readable.

    * WANT_READ -- Select the socket for write, and retry
      the original function (hanshake, read or write) once
      the socket becomes writable.

Again, these are not a request for the application to *consume*
data, rather the application needs to retry once the socket is
ready for the requested operation.  OpenSSL will internally
read or write to the socket.

-- 
	Viktor.


More information about the openssl-users mailing list