generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New SSL API mode 'SSL_MODE_AUTO_RETRY', which disables the default

Browse Source 
behaviour that SSL_read may result in SSL_ERROR_WANT_READ.
This commit is contained in:
Bodo Möller 2000-09-12 20:28:30 +00:00
parent fb1cba063d
commit 54f10e6adc
3 changed files with 40 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGES
View File

@ -4,6 +4,15 @@
Changes between 0.9.5a and 0.9.6 [xx XXX 2000] Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
*) New SSL API mode 'SSL_MODE_AUTO_RETRY'. This disables the default
behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
the underlying transport is blocking) if a handshake took place.
(The default behaviour is needed by applications such as s_client
and s_server that use select() to determine when to use SSL_read;
but for applications that know in advance when to expect data, it
just makes things more complicated.)
[Bodo Moeller]
*) Add RAND_egd_bytes(), which gives control over the number of bytes read *) Add RAND_egd_bytes(), which gives control over the number of bytes read
from EGD. from EGD.
[Ben Laurie] [Ben Laurie]

52
ssl/s3_pkt.c
View File

@ -899,19 +899,21 @@ start:
return(-1); return(-1);
} }
if (s->s3->rbuf.left == 0) /* no read-ahead left? */ if (!(s->mode & SSL_MODE_AUTO_RETRY))
{ {
BIO *bio; if (s->s3->rbuf.left == 0) /* no read-ahead left? */
/* In the case where we try to read application data {
* the first time, but we trigger an SSL handshake, we BIO *bio;
* return -1 with the retry option set. I do this /* In the case where we try to read application data,
* otherwise renegotiation can cause nasty problems * but we trigger an SSL handshake, we return -1 with
* in the blocking world */ /* ? */ * the retry option set. Otherwise renegotiation may
s->rwstate=SSL_READING; * cause nasty problems in the blocking world */
bio=SSL_get_rbio(s); s->rwstate=SSL_READING;
BIO_clear_retry_flags(bio); bio=SSL_get_rbio(s);
BIO_set_retry_read(bio); BIO_clear_retry_flags(bio);
return(-1); BIO_set_retry_read(bio);
return(-1);
}
} }
} }
} }
@ -1022,19 +1024,21 @@ start:
return(-1); return(-1);
} }
if (s->s3->rbuf.left == 0) /* no read-ahead left? */ if (!(s->mode & SSL_MODE_AUTO_RETRY))
{ {
BIO *bio; if (s->s3->rbuf.left == 0) /* no read-ahead left? */
/* In the case where we try to read application data {
* the first time, but we trigger an SSL handshake, we BIO *bio;
* return -1 with the retry option set. I do this /* In the case where we try to read application data,
* otherwise renegotiation can cause nasty problems * but we trigger an SSL handshake, we return -1 with
* in the blocking world */ /* ? */ * the retry option set. Otherwise renegotiation may
s->rwstate=SSL_READING; * cause nasty problems in the blocking world */
bio=SSL_get_rbio(s); s->rwstate=SSL_READING;
BIO_clear_retry_flags(bio); bio=SSL_get_rbio(s);
BIO_set_retry_read(bio); BIO_clear_retry_flags(bio);
return(-1); BIO_set_retry_read(bio);
return(-1);
}
} }
goto start; goto start;
} }

3
ssl/ssl.h
View File

@ -335,6 +335,9 @@ typedef struct ssl_session_st
* the misconception that non-blocking SSL_write() behaves like * the misconception that non-blocking SSL_write() behaves like
* non-blocking write(): */ * non-blocking write(): */
#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
/* Never bother the application with retries if the transport
* is blocking: */
#define SSL_MODE_AUTO_RETRY 0x00000004L
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
* they cannot be used to clear bits. */ * they cannot be used to clear bits. */