[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-users
Subject:    Re: non-blocking problem
From:       "Dr. Stephen Henson" <steve () openssl ! org>
Date:       2010-04-27 21:48:51
Message-ID: 20100427214851.GA76508 () openssl ! org
[Download RAW message or body]

On Tue, Apr 27, 2010, piper.guy1 wrote:

> Hi again,
> 
> I'm trying to follow the instructions in the OpenSSL reference book,
> and their example code from their site for setting a socket to
> 'non-blocking'.
> 
> Before I made any changes, I was working with good code that was
> making secure connections with no problems.
> 
> Essentially:
>   bio = BIO_new_connect(connect_str);
>   BIO_do_connect(bio);
>   ssl = SSL_new(ctx);
>   SSL_set_bio(ssl, bio, bio);
>   SSL_connect(ssl);
> 
> >From the example code, it seemed easy enough to call 'SSL_get_rfd()
> using the SSL object to get the file descriptor in order to use
> fcntl()  to change the socket to non-blocking. However when I did
> this, calls to SSL_get_rfd() always return -1. Reading the function
> description docs, SSL_get_rfd() will return -1 if the BIO is not
> "suitable for file descriptors". The example code doesn't show how
> their BIO & SSL objects were created, and there's no other reference
> or information on what they mean on how to make them 'suitable'.
> 
> So, I tried another approach. I created a socket the convention way
> and did a connect, followed by:
>   bio = BIO_new_socket(sd, BIO_CLOSE);
>   ssl = SSL_new(ctx) ;
>   SSL_set_bio(ssl, bio, bio);
>   SSL_connect(ssl);
> which also worked....until I called SSL_get_rfd() after I created the
> SSL object, which again returned -1.
> 
> What am I doing wrong? How do you make a BIO object for file
> descriptors suitable?
> 

Well I didn't write that "suitable" phrase. I'm not sure why you're getting
the -1 return does ERR_print_errors_fp(stderr) give anything useful?

In the second example you can use the pass descriptor "sd" for the purpose:
all the following calls do is associate it with the SSL structure.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]