[openssl-users] SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE

[Jakob Bohm]

On 09/03/2015 13:21, Serj Rakitov wrote:
> I have to open discussion again.
>
> I want to test situations when SSL_read WANT_WRITE and SSL_write WANT_READ. But I can't do this. SSL_read never wants write and SSL_write never wants read!
>
> I don't know how to catch these situations. I don't know how to rehandshake. I tried after connect and handshake to send data simultaneously both to server and to client and never got one of those situations, SSL_read  only wanted to read and  SSL_write  only wanted to write, all data was received by both client and server.
>
> I don't even understand how SSL_write can want to read? In what cases?
> I can understand when SSL_read wants to write, for example when client got HelloRequest or server got a new ClientHello while reading data. But I can't test it, because I don't know how to start handshake again, how to perform a rehandshake(renegotiation).
>
> Can anybody help me? How to test these situations or how to perform a rehandshake?
Not having tested or read the relevant OpenSSL code, I
presume that SSL_write could want a read if it has sent
a handshake message, but not yet received the reply, thus
it cannot (encrypt and) send user data until it has
received and acted on the handshake reply message.

Maybe the easier scenarios are at the start of a session,
where the initial handshake has not yet completed, as
happens in a HTTPS client (always writes a request before
the first read) or a simple SMTPS server (always writes a
banner line before the first read of client commands,
except in some servers that do an early read to check if
a broken/spammer client is trying to send before receiving
the banner).

-- 

Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded