[gnutls-dev] Non blocking I/O

[Torsten Landschoff]

Hi there, 

As the Debian Maintainer of OpenLDAP I am trying to port that beast from
OpenSSL to GnuTLS. Big problem: It is using non blocking I/O. It seems
like OpenSSL deals with the resulting complication under the hood.

From the GnuTLS documentation it seems like I have to redo an
interrupted send/recv with exactly the same parameters. Which makes the
application code quite complicated and really does not fit well into
OpenLDAP. 

I wonder if that is true. If it is - do I have to pass the same address
of the buffer or is it okay to copy the data somewhere else for the
second iteration? 

IOW: Can I do

	ssize_t s = gnutls_record_send(session, buffer, size);
	if (s == GNUTLS_E_AGAIN) {
		void *new_buffer = malloc(size);
		memcpy(new_buffer, buffer, size);
	}
	gnutls_record_send(session, new_buffer, size);

or is that not even necessary and I can do

	ssize_t s = gnutls_record_send(session, buffer, size);
	if (s == GNUTLS_E_AGAIN)
		gnutls_record_send(session, NULL, 0);

and know that GnuTLS has an internal copy of my data?

Also it seems like I have to maintain a "virtual state" or "wanted
state" of the sockets storing the information that a handshake is
pending and gnutls_handshake has to be invoked again!? Or will a
handshake continue if I am trying to send or receive data?

Sorry for the dumb questions, I am quite new to GnuTLS and want to get
it right the first time.

Thanks
	Torsten
	
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20050311/21fe81e1/attachment.pgp