Hi,=20

I wrote an SSL layer over a custom network layer (IOCP on Windows,
poll() on UNIX) for my employer, using the non-copy functions BIO_nread
and BIO_nwrite. I am aware that they are not "official", and in
particular lack documentation. So it doesn't make much sense to speak
about bugs, as there is no defined contract.

Nevertheless I think there may be an unintended side-effect in
BIO_nread0. The problem occurs when calling BIO_nread0 while there is no
byte pending in the BIO. Then, at cyclic buffer boundaries only (or so I
think), a byte gets "swallowed". I think the behavior stems from the
following code in bss_bio.c (version 0.9.8g, lines 299-305):

if (peer_b->len =3D=3D 0)
{
char dummy;
=09
/* avoid code duplication -- nothing available for
reading */
return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
}

I didn't follow the implemenation completely, but in the same file, in
bio_read we get to (lines 216-218):

BIO_set_retry_read(bio); /* buffer is empty */
if (size <=3D peer_b->size)
peer_b->request =3D size;

.... and then somehow this "requested byte" disappears, if we are at the
cyclic buffer wraparound - by "disappear" I mean that the next call to
BIO_nread0 will jump this byte. Note, that I am not sure about the
mechanics. All I can say is, that if I call BIO_nread0 on an empty BIO
then I get 1 byte lossage every 16KB.

When I wrap my code like this, everything works fine:=20

if (BIO_ctrl_pending(pNetworkBio)) {
ret =3D BIO_nread0(pNetworkBio, (void *)&netwBuffer.buf);
}

So maybe the assumption is, that people do not call BIO_nread0 if there
is nothing pending in the BIO. But looking at the source, and especially
the comment (line 303 above) it seems to me the author just wanted to
avoid code duplication and *did not* intend any side-effect.

On a similar note I would like to ask if there are any plans to make
this interface official. I personally think it's an important interface
for any high-performance application. =20

Please comment,
Michael Keller.
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org