From 24b44446e20b3e80999b18fd4f76316f7220b5cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Tue, 28 Nov 2000 06:58:22 +0000 Subject: [PATCH] Comments on SSL_peek deficiencies --- ssl/s2_lib.c | 3 +++ ssl/s3_lib.c | 4 ++-- ssl/ssl_lib.c | 7 +++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 129ed89d9..a6f4db36c 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -260,6 +260,9 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u) int ssl2_pending(SSL *s) { + /* Unlike ssl2_pending, this one probably works (if read-ahead + * is disabled), but it should be examined + * XXX */ return(s->s2->ract_data_length); } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 184d4f47f..b8ffbed64 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -638,10 +638,10 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u) return(NULL); } -/* The problem is that it may not be the correct record type */ int ssl3_pending(SSL *s) { - return(s->s3->rrec.length); + /* The problem is that it may not be the correct record type */ + return(s->s3->rrec.length); /* FIXME */ } int ssl3_new(SSL *s) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index ed2b82098..105bcb2fc 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -576,6 +576,13 @@ int SSL_get_read_ahead(SSL *s) int SSL_pending(SSL *s) { + /* SSL_pending cannot work properly if read-ahead is enabled + * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), + * and it is impossible to fix since SSL_pending cannot report + * errors that may be observed while scanning the new data. + * (Note that SSL_pending() is often used as a boolean value, + * so we'd better not return -1.) + */ return(s->method->ssl_pending(s)); }