diff options
| author | Enji Cooper <ngie@FreeBSD.org> | 2025-05-07 21:18:24 +0000 |
|---|---|---|
| committer | Enji Cooper <ngie@FreeBSD.org> | 2025-05-07 22:37:22 +0000 |
| commit | 29536654cc41bf41b92dc836c47496dc6fe0b00c (patch) | |
| tree | 368a3c5b14e610bb5f6b71657f61a41e373eaf97 /doc/man3/SSL_get_error.pod | |
| parent | 1c34280346af8284acdc0eae39496811d37df25d (diff) | |
Diffstat (limited to 'doc/man3/SSL_get_error.pod')
| -rw-r--r-- | doc/man3/SSL_get_error.pod | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod index e5a507217ed4..794598facb33 100644 --- a/doc/man3/SSL_get_error.pod +++ b/doc/man3/SSL_get_error.pod @@ -62,8 +62,8 @@ is set. See L<SSL_CTX_set_options(3)> for more details. The operation did not complete and can be retried later. -B<SSL_ERROR_WANT_READ> is returned when the last operation was a read -operation from a nonblocking B<BIO>. +For non-QUIC SSL objects, B<SSL_ERROR_WANT_READ> is returned when the last +operation was a read operation from a nonblocking B<BIO>. It means that not enough data was available at this time to complete the operation. If at a later time the underlying B<BIO> has data available for reading the same @@ -74,9 +74,10 @@ still unprocessed data available at either the B<SSL> or the B<BIO> layer, even for a blocking B<BIO>. See L<SSL_read(3)> for more information. -B<SSL_ERROR_WANT_WRITE> is returned when the last operation was a write -to a nonblocking B<BIO> and it was unable to sent all data to the B<BIO>. -When the B<BIO> is writable again, the same function can be called again. +For non-QUIC SSL objects, B<SSL_ERROR_WANT_WRITE> is returned when the last +operation was a write to a nonblocking B<BIO> and it was unable to send all data +to the B<BIO>. When the B<BIO> is writable again, the same function can be +called again. Note that the retry may again lead to an B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE> condition. @@ -84,6 +85,15 @@ There is no fixed upper limit for the number of iterations that may be necessary until progress becomes visible at application protocol level. +For QUIC SSL objects, the meaning of B<SSL_ERROR_WANT_READ> and +B<SSL_ERROR_WANT_WRITE> have different but largely compatible semantics. Since +QUIC implements its own flow control and uses UDP datagrams, backpressure +conditions in terms of the underlying BIO providing network I/O are not directly +relevant to the circumstances in which these errors are produced. In particular, +B<SSL_ERROR_WANT_WRITE> indicates that the OpenSSL internal send buffer for a +given QUIC stream has been filled. Likewise, B<SSL_ERROR_WANT_READ> indicates +that the OpenSSL internal receive buffer for a given QUIC stream is empty. + It is safe to call SSL_read() or SSL_read_ex() when more data is available even when the call that set this error was an SSL_write() or SSL_write_ex(). However, if the call was an SSL_write() or SSL_write_ex(), it should be called |