[openssl-users] Disable SSL_ERROR_WANT_READ / WRITE ?

Michael Wojcik Michael.Wojcik at microfocus.com
Thu Dec 7 13:54:32 UTC 2017


> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> Of Salz, Rich via openssl-users
> Sent: Wednesday, December 06, 2017 15:22
> 
> > Or at least that used to be the case. TLSv1.3 got rid of renegotiation, so if
> > you have a TLSv1.3 connection, it will never renegotiate.
> 
> But it could ask for a certificate, which would trigger SSL_WANT_WRITE

Yeah. I alluded to that later in my message, though not very clearly.

The main point is that you have to handle WANT_x.

I also forgot to mention that Eric Rescorla's book calls renegotiation "rehandshaking", so someone trying to understand this process (in SSL/TLS versions prior to 1.3) might also want to look for that term.

-- 
Michael Wojcik 
Distinguished Engineer, Micro Focus 
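
An added example, not part of the original message: a retry loop written against Python's ssl module (an OpenSSL binding), where SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE surface as SSLWantReadError and SSLWantWriteError. The names tls_retry and demo_stalled_peer, the host name example.invalid and the silent socketpair peer are constructed for illustration.

```python
import select
import socket
import ssl
import time

def tls_retry(sock, op, *args, timeout=5.0, waits=None):
    """Run one TLS operation on a non-blocking SSLSocket until it completes.

    Any operation (handshake, read or write) can ask for either direction,
    so the wait is chosen from the error, not from the call being made.
    """
    deadline = time.monotonic() + timeout
    while True:
        try:
            return op(*args)
        except ssl.SSLWantReadError:       # OpenSSL: SSL_ERROR_WANT_READ
            want, rlist, wlist = "read", [sock], []
        except ssl.SSLWantWriteError:      # OpenSSL: SSL_ERROR_WANT_WRITE
            want, rlist, wlist = "write", [], [sock]
        if waits is not None:
            waits.append(want)             # record each wait state for the caller
        remaining = deadline - time.monotonic()
        if remaining <= 0 or not any(select.select(rlist, wlist, [], remaining)[:2]):
            raise TimeoutError(f"peer stalled while TLS wanted {want}")

def demo_stalled_peer():
    """Constructed scenario: the peer is a raw socket that never answers."""
    client_raw, peer = socket.socketpair()
    client_raw.setblocking(False)
    ctx = ssl.create_default_context()
    tls = ctx.wrap_socket(client_raw, server_hostname="example.invalid",
                          do_handshake_on_connect=False)
    waits = []
    try:
        tls_retry(tls, tls.do_handshake, timeout=0.2, waits=waits)
    except TimeoutError:
        pass                               # WANT_READ was a wait state, not a failure
    peer.settimeout(1.0)
    record_type = peer.recv(5)[0]          # 0x16 = TLS handshake record (ClientHello)
    tls.close()
    peer.close()
    return waits, record_type

if __name__ == "__main__":
    print(demo_stalled_peer())
```

The same loop wraps `tls.recv` and `tls.send`; the deadline keeps a peer that never answers from holding the connection open indefinitely.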




