understanding the SSL I/O model

Paul Aurich paul at darkrain42.org
Tue Jul 6 23:13:18 CEST 2010


On 2010-07-06 02:23, Nikos Mavrogiannopoulos wrote:
> On Tue, Jul 6, 2010 at 10:58 AM, Christian Parpart <trapni at gentoo.org> wrote:
>> Hey all,
>> I've got a question I could not actually google for.
>> Somebody recently told me that an SSL write or read operation may also
>> result in not just a write for write, or read for read, but also, that a
>> write could also require a read and vice versa.
>> I have absolutely no idea when and why, except (maybe) for the
>> rehandshake-part which *seems* to be allowed to be ignored and hope that
>> the other side accepts it.
> 
> Read and write are independent in TLS (and SSL). Every request for
> read needs only to read data, and the same occurs for write. The one
> who told you was probably talking about some other protocol.

What happens if, in the processing of read data, GnuTLS encounters an
invalid record and generates a TLS fatal alert?  Presumably that needs
to actually be sent to the remote end of the connection.

~Paul



More information about the Gnutls-help mailing list