mirror of
https://github.com/openssl/openssl.git
synced 2024-12-20 15:33:38 +08:00
464175692f
The write BIO for handshake messages is bufferred so that we only write out to the network when we have a complete flight. There was some complexity in the buffering logic so that we switched buffering on and off at various points through out the handshake. The only real reason to do this was historically it complicated the state machine when you wanted to flush because you had to traverse through the "flush" state (in order to cope with NBIO). Where we knew up front that there was only going to be one message in the flight we switched off buffering to avoid that. In the new state machine there is no longer a need for a flush state so it is simpler just to have buffering on for the whole handshake. This also gives us the added benefit that we can simply call flush after every flight even if it only has one message in it. This means that BIO authors can implement their own buffering strategies and not have to be aware of the state of the SSL object (previously they would have to switch off their own buffering during the handshake because they could not rely on a flush being received when they really needed to write data out). This last point addresses GitHub Issue #322. Reviewed-by: Andy Polyakov <appro@openssl.org> |
||
---|---|---|
apps | ||
Configurations | ||
crypto | ||
demos | ||
doc | ||
engines | ||
external/perl | ||
fuzz | ||
include | ||
ms | ||
os-dep | ||
ssl | ||
test | ||
tools | ||
util | ||
VMS | ||
.gitattributes | ||
.gitignore | ||
.travis-create-release.sh | ||
.travis.yml | ||
ACKNOWLEDGEMENTS | ||
appveyor.yml | ||
AUTHORS | ||
build.info | ||
CHANGES | ||
config | ||
config.com | ||
Configure | ||
CONTRIBUTING | ||
e_os.h | ||
FAQ | ||
INSTALL | ||
INSTALL.DJGPP | ||
INSTALL.WCE | ||
LICENSE | ||
Makefile.shared | ||
NEWS | ||
NOTES.VMS | ||
NOTES.WIN | ||
README | ||
README.ECC | ||
README.ENGINE | ||
README.FIPS | ||
README.PERL |
OpenSSL 1.1.0-pre6-dev Copyright (c) 1998-2016 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson All rights reserved. DESCRIPTION ----------- The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSLv3) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptographic library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. OpenSSL is descended from the SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the OpenSSL license plus the SSLeay license), which means that you are free to get and use it for commercial and non-commercial purposes as long as you fulfill the conditions of both licenses. OVERVIEW -------- The OpenSSL toolkit includes: libssl (with platform specific naming): Provides the client and server-side implementations for SSLv3 and TLS. libcrypto (with platform specific naming): Provides general cryptographic and X.509 support needed by SSL/TLS but not logically part of it. openssl: A command line tool that can be used for: Creation of key parameters Creation of X.509 certificates, CSRs and CRLs Calculation of message digests Encryption and decryption SSL/TLS client and server tests Handling of S/MIME signed or encrypted mail And more... INSTALLATION ------------ See the appropriate file: INSTALL Linux, Unix, Windows, OpenVMS INSTALL.DJGPP DOS platform with DJGPP INSTALL.WCE Windows CE SUPPORT ------- See the OpenSSL website www.openssl.org for details on how to obtain commercial technical support. If you have any problems with OpenSSL then please take the following steps first: - Download the current snapshot from ftp://ftp.openssl.org/snapshot/ to see if the problem has already been addressed - Remove ASM versions of libraries - Remove compiler optimisation flags If you wish to report a bug then please include the following information in any bug report: - On Unix systems: Self-test report generated by 'make report' - On other systems: OpenSSL version: output of 'openssl version -a' OS Name, Version, Hardware platform Compiler Details (name, version) - Application Details (name, version) - Problem Description (steps that will reproduce the problem, if known) - Stack Traceback (if the application dumps core) Email the report to: rt@openssl.org In order to avoid spam, this is a moderated mailing list, and it might take a day for the ticket to show up. (We also scan posts to make sure that security disclosures aren't publically posted by mistake.) Mail to this address is recorded in the public RT (request tracker) database (see https://www.openssl.org/community/index.html#bugs for details) and also forwarded the public openssl-dev mailing list. Confidential mail may be sent to openssl-security@openssl.org (PGP key available from the key servers). Please do NOT use this for general assistance or support queries. Just because something doesn't work the way you expect does not mean it is necessarily a bug in OpenSSL. You can also make GitHub pull requests. If you do this, please also send mail to rt@openssl.org with a link to the PR so that we can more easily keep track of it. HOW TO CONTRIBUTE TO OpenSSL ---------------------------- See CONTRIBUTING LEGALITIES ---------- A number of nations, in particular the U.S., restrict the use or export of cryptography. If you are potentially subject to such restrictions you should seek competent professional legal advice before attempting to develop or distribute cryptographic code.