diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2001-05-12 09:49:02 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2001-05-12 09:49:02 +0000 |
commit | 33ab4699ba2466260504e65349ac93c1a94529d9 (patch) | |
tree | a74c233043fc4082b5f48d4e560ae54733a579ab /doc/ssl | |
parent | 595cc5b4b86327fba7bb0570294f7fb05987485b (diff) |
Clarify behaviour with respect to SSL/TLS records.
Diffstat (limited to 'doc/ssl')
-rw-r--r-- | doc/ssl/SSL_read.pod | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod index 7db5ee0a22..0db51452be 100644 --- a/doc/ssl/SSL_read.pod +++ b/doc/ssl/SSL_read.pod @@ -31,6 +31,18 @@ L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state() must be used before the first call to an SSL_read() or L<SSL_write(3)|SSL_write(3)> function. +SSL_read() works based on the SSL/TLS records. The data are received in +records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a +record has been completely received, it can be processed (decryption and +check of integrity). Therefore data that was not retrieved at the last +call of SSL_read() can still be buffered inside the SSL layer and will be +retrieved on the next call to SSL_read(). If B<num> is higher than the +number of bytes buffered, SSL_read() will return with the bytes buffered. +If no more bytes are in the buffer, SSL_read() will trigger the processing +of the next record. Only when the record has been received and processed +completely, SSL_read() will return reporting success. At most the contents +of the record will be returned. + If the underlying BIO is B<blocking>, SSL_read() will only return, once the read operation has been finished or an error occurred, except when a renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. |