#include <openssl/ssl.h> int SSL_pending(const SSL *ssl); int SSL_has_pending(const SSL *s);
Data is received in whole blocks known as records from the peer. A whole record is processed (e.g. decrypted) in one go and is buffered by OpenSSL until it is read by the application via a call to SSL_read_ex(3) or SSL_read(3).
SSL_pending() returns the number of bytes which have been processed, buffered and are available inside ssl for immediate read.
If the SSL object's read_ahead flag is set (see SSL_CTX_set_read_ahead(3)), additional protocol bytes (beyond the current record) may have been read containing more TLS/SSL records. This also applies to DTLS and pipelining (see SSL_CTX_set_split_send_fragment(3)). These additional bytes will be buffered by OpenSSL but will remain unprocessed until they are needed. As these bytes are still in an unprocessed state SSL_pending() will ignore them. Therefore, it is possible for no more bytes to be readable from the underlying BIO (because OpenSSL has already read them) and for SSL_pending() to return 0, even though readable application data bytes are available (because the data is in unprocessed buffered records).
SSL_has_pending() returns 1 if s has buffered data (whether processed or unprocessed) and 0 otherwise. Note that it is possible for SSL_has_pending() to return 1, and then a subsequent call to SSL_read_ex() or SSL_read() to return no data because the unprocessed buffered data when processed yielded no application data (for example this can happen during renegotiation). It is also possible in this scenario for SSL_has_pending() to continue to return 1 even after an SSL_read_ex() or SSL_read() call because the buffered and unprocessed data is not yet processable (e.g. because OpenSSL has only received a partial record so far).
SSL_pending() returns the number of buffered and processed application data bytes that are pending and are available for immediate read. SSL_has_pending() returns 1 if there is buffered record data in the SSL object and 0 otherwise.
SSL_read_ex(3), SSL_read(3), SSL_CTX_set_read_ahead(3), SSL_CTX_set_split_send_fragment(3), ssl(7)
The SSL_has_pending() function was added in OpenSSL 1.1.0.
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the “License”). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
ssl.7ssl(7), SSL_CTX_set_read_ahead.3ssl(3), SSL_CTX_set_split_send_fragment.3ssl(3), SSL_read.3ssl(3).
The man page SSL_has_pending.3ssl(3) is an alias of SSL_pending.3ssl(3).