diff options
| author | doug <> | 2015-07-19 05:49:27 +0000 |
|---|---|---|
| committer | doug <> | 2015-07-19 05:49:27 +0000 |
| commit | c465f0584bb4a4b1430f8f4f80b56ad0f245ebfd (patch) | |
| tree | 1e6ec53a1eb60024492d5b7b3ec9b2956c2bda28 | |
| parent | e2fdff6ec8caaf7f2ab38d837f605b9724bc5279 (diff) | |
| download | openbsd-c465f0584bb4a4b1430f8f4f80b56ad0f245ebfd.tar.gz openbsd-c465f0584bb4a4b1430f8f4f80b56ad0f245ebfd.tar.bz2 openbsd-c465f0584bb4a4b1430f8f4f80b56ad0f245ebfd.zip | |
Add documentation on how to use TLS_{READ,WRITE}_AGAIN.
ok beck@
| -rw-r--r-- | src/lib/libtls/tls_init.3 | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index 1da84ca819..28a6f269a9 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: tls_init.3,v 1.23 2015/04/03 22:33:43 jmc Exp $ | 1 | .\" $OpenBSD: tls_init.3,v 1.24 2015/07/19 05:49:27 doug Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -14,7 +14,7 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | .\" | 16 | .\" |
| 17 | .Dd $Mdocdate: April 3 2015 $ | 17 | .Dd $Mdocdate: July 19 2015 $ |
| 18 | .Dt TLS_INIT 3 | 18 | .Dt TLS_INIT 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| @@ -424,6 +424,15 @@ A read operation is necessary to continue. | |||
| 424 | A write operation is necessary to continue. | 424 | A write operation is necessary to continue. |
| 425 | .El | 425 | .El |
| 426 | .Pp | 426 | .Pp |
| 427 | These are underlying TLS engine read or write operations which may | ||
| 428 | not correspond with the name of the function you call. | ||
| 429 | For example, you may receive a | ||
| 430 | .Dv TLS_READ_AGAIN | ||
| 431 | even when calling | ||
| 432 | .Fn tls_write . | ||
| 433 | .Pp | ||
| 434 | While there are cases where these functions will return one or the | ||
| 435 | other or both, the best practice is to always check for both. | ||
| 427 | The caller should call the appropriate function or, in the case of the | 436 | The caller should call the appropriate function or, in the case of the |
| 428 | .Fn tls_close | 437 | .Fn tls_close |
| 429 | and the | 438 | and the |
| @@ -431,6 +440,24 @@ and the | |||
| 431 | and | 440 | and |
| 432 | .Fn tls_connect | 441 | .Fn tls_connect |
| 433 | function families, repeat the call. | 442 | function families, repeat the call. |
| 443 | .Sh EXAMPLES | ||
| 444 | Example showing how to handle partial TLS writes. | ||
| 445 | .Bd -literal -offset indent | ||
| 446 | \&... | ||
| 447 | while (len > 0) { | ||
| 448 | ret = tls_write(ctx, buf, len, &num_written); | ||
| 449 | |||
| 450 | if (ret == TLS_READ_AGAIN || ret == TLS_WRITE_AGAIN) { | ||
| 451 | /* retry. May use select to wait for nonblocking */ | ||
| 452 | } else if (ret < 0) { | ||
| 453 | return -1; | ||
| 454 | } else { | ||
| 455 | buf += num_written; | ||
| 456 | len -= num_written; | ||
| 457 | } | ||
| 458 | } | ||
| 459 | \&... | ||
| 460 | .Ed | ||
| 434 | .Sh ERRORS | 461 | .Sh ERRORS |
| 435 | The | 462 | The |
| 436 | .Fn tls_error | 463 | .Fn tls_error |