SSL_ERROR_WANT_READ after the handshake

Dr. Matthias St. Pierre Matthias.St.Pierre at ncp-e.com
Mon Mar 14 09:15:30 UTC 2022


FWIW: I noticed recently, that in TLSv1.3 it seems to be rather normal to encounter an SSL_WANT_READ immediately
after returning from a successful SSL_connect() call (even in the blocking case), because part of the handshake is disguised
as application data and apparently SSL_connect() returns before the entire handshake has completed, see [issue #17654].

[issue #17654]: https://github.com/openssl/openssl/issues/17654

From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of loic nicolas
Sent: Sunday, March 13, 2022 12:08 AM
To: openssl-users at openssl.org
Subject: SSL_ERROR_WANT_READ after the handshake

Hello,

I use my own bios and non-blocking sockets.

After the handshake, is it really necessary to check SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE? (whether on the server or client side)
I don't want to accept a renegotiation, is it really possible that OpenSSL sends me these events without them being linked to a renegotiation?

I did several tests on more or less long connections and I never receive them but I would like to be sure.

Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220314/a3dd60ea/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7448 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220314/a3dd60ea/attachment-0001.bin>


More information about the openssl-users mailing list