more Net:SSLeay (SSL_read)

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

The 'SSL read routine' of Net::SSLeay (1.36) is

        SSL *   s
        int     max
        char *buf;
        int got;
        New(0, buf, max, char);
        ST(0) = sv_newmortal();   /* Undefined to start with */
        if ((got = SSL_read(s, buf, max)) >= 0)
                sv_setpvn( ST(0), buf, got);

Reading into an internal buffer dynamically allocated and freed for
every call and copying that to a 2nd, dynamically allocated buffer for
passing the data out isn't a particularly good idea, not only because of
the 'double alloc double copy' but because this makes SSL_read
incompatible with both the read and sysread builtin functions.

The real falling millstone breaking the unfortunate journeyman's neck,
however, is that it returns a freshly allocated SV without a value while
eating the actual OpenSSL return value in case of an error. But the
caller is supposed to pass that to SSL_get_error in order to determine
the nature of the problem and whether the (OpenSSL) SSL_read should
simply be retried.

The current version (1.68) sort-of fixes this by returning got as 2nd
element of a list when called in list mode: It's still incompatible with
Perl but it now has an OpenSSL compatible, optional mode of operation
(actually fixing the problem is - of course - impossible as this would
break no end of code relying on the broken behaviour ...)
This workaround is - of course - undocumented. Surely no one would ever
contemplate using a CPAN module without studying any xs code employed by
it carefully first ...

Site Timeline