Add newly learned knowledge from yesterday's discussion.
diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod index f959079..6e3ecff 100644 --- a/doc/ssl/SSL_write.pod +++ b/doc/ssl/SSL_write.pod
@@ -18,11 +18,19 @@ =head1 NOTES If necessary, SSL_write() will negotiate a TLS/SSL session, if -not already explicitly performed by SSL_connect() or SSL_accept(). If the +not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or +L<SSL_accept(3)|SSL_accept(3)>. If the peer requests a re-negotiation, it will be performed transparently during the SSL_write() operation. The behaviour of SSL_write() depends on the underlying BIO. +For the transparent negotiation to succeed, the B<ssl> must have been +initialized to client or server mode. This is not the case if a generic +method is being used (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>, so that +L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state() +must be used before the first call to an L<SSL_read(3)|SSL_read(3)> +or SSL_write() function. + If the underlying BIO is B<blocking>, SSL_write() will only return, once the write operation has been finished or an error occurred, except when a renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. @@ -31,7 +39,8 @@ If the underlying BIO is B<non-blocking>, SSL_write() will also return, when the underlying BIO could not satisfy the needs of SSL_write() -to continue the operation. In this case a call to SSL_get_error() with the +to continue the operation. In this case a call to +L<SSL_get_error(3)|SSL_get_error(3)> with the return value of SSL_write() will yield B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a call to SSL_write() can also cause read operations! The calling process @@ -74,7 +83,9 @@ =head1 SEE ALSO L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_read(3)|SSL_read(3)>, -L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, +L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>, +L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)> +L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)> =cut