|
|
|
@@ -3,6 +3,12 @@ buggy_openssl_with_fullduplex |
|
|
|
|
|
|
|
Toy code which shows problems with non-blocking, fullduplex I/O & renegotiation in OpenSSL |
|
|
|
|
|
|
|
What is it: |
|
|
|
This code shows that it is not possible to use SSL_write() and SSL_read() functions in the same |
|
|
|
way as ::send() and ::recv(). |
|
|
|
The main difference between SSL_write/read functions and send/recv system calls is that |
|
|
|
SSL_write function may in fact read data from the socket in some situations (similary |
|
|
|
SSL_read may need to write data to the socket). |
|
|
|
|
|
|
|
How it works: |
|
|
|
|
|
|
|
@@ -35,4 +41,4 @@ How it works: |
|
|
|
TCP: |
|
|
|
In TCP exchange we can see that transfer between client & server is OK until |
|
|
|
client sends "Client Hello" packet. This packet is sent when SSL_renegotiate |
|
|
|
is called |
|
|
|
is called |
Krzysztof Kwiatkowski
10 年之前