[gnutls-dev] Non blocking I/O

[Torsten Landschoff]

Hi there, 

As the Debian Maintainer of OpenLDAP I am trying to port that beast from
OpenSSL to GnuTLS. Big problem: It is using non blocking I/O. It seems
like OpenSSL deals with the resulting complication under the hood.

From the GnuTLS documentation it seems like I have to redo an
interrupted send/recv with exactly the same parameters. Which makes the
application code quite complicated and really does not fit well into
OpenLDAP. 

I wonder if that is true. If it is - do I have to pass the same address
of the buffer or is it okay to copy the data somewhere else for the
second iteration? 

IOW: Can I do

        ssize_t s = gnutls_record_send(session, buffer, size);
        if (s == GNUTLS_E_AGAIN) {
                void *new_buffer = malloc(size);
                memcpy(new_buffer, buffer, size);
        }
        gnutls_record_send(session, new_buffer, size);

or is that not even necessary and I can do

        ssize_t s = gnutls_record_send(session, buffer, size);
        if (s == GNUTLS_E_AGAIN)
                gnutls_record_send(session, NULL, 0);

and know that GnuTLS has an internal copy of my data?

Also it seems like I have to maintain a "virtual state" or "wanted
state" of the sockets storing the information that a handshake is
pending and gnutls_handshake has to be invoked again!? Or will a
handshake continue if I am trying to send or receive data?

Sorry for the dumb questions, I am quite new to GnuTLS and want to get
it right the first time.

Thanks
        Torsten

signature.asc
Description: Digital signature