On 02/05/2024 06:19, Rahul Shukla wrote:
Hi All,
As per the OpenSSL doc :
/
/
/"SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and
SSL_read() respectively except no bytes are actually removed from the
underlying BIO during the read, so that a subsequent call to
SSL_read_ex() or SSL_read() will yield at least the same bytes."/
*I have a quick question here, Does SSL_peek() remove the session ticket
(Non application data) from the underlying BIO or will it remain there
just like application data until unless SSL_read() is called to read the
session ticket. *
It depends.
OpenSSL has an internal buffer of application data that has already been
processed and is available for immediate read. If that buffer has data
in it then a call to SSL_peek() (or in fact SSL_read()) will return that
data and will not attempt to process any further incoming records.
If the buffer is empty then it will attempt to process further records
in order to put more data into that buffer. In doing that if it
encounters any non-application data records (such as a session ticket)
then it will process those records in the same way as SSL_read() would
have done.
Matt