[openssl-users] Disable SSL_ERROR_WANT_READ / WRITE ?
Michael Wojcik
Michael.Wojcik at microfocus.com
Thu Dec 7 13:54:32 UTC 2017
> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> Of Salz, Rich via openssl-users
> Sent: Wednesday, December 06, 2017 15:22
>
> ➢ Or at least that used to be the case. TLSv1.3 got rid of renegotiation, so if
> you have a TLSv1.3 connection, it will never renegotiate.
>
> But it could ask for a certificate, which would trigger SSL_WANT_WRITE
Yeah. I alluded to that later in my message, though not very clearly.
The main point is that you have to handle WANT_x.
I also forgot to mention that Eric Rescorla's book calls renegotiation "rehandshaking", so someone trying to understand this process (in SSL/TLS versions prior to 1.3) might also want to look for that term.
--
Michael Wojcik
Distinguished Engineer, Micro Focus
More information about the openssl-users
mailing list