Blocking on a non-blocking socket?

rsbecker at nexbridge.com rsbecker at nexbridge.com
Thu May 23 14:08:23 UTC 2024


On Thursday, May 23, 2024 9:56 AM, Wiebe Cazemier wrote:
>> From: "Neil Horman" <nhorman at openssl.org>
>> from:
>> [ https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_mode.html |
>> https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_mode.html ]
>
>> SSL_MODE_AUTO_RETRY in non-blocking mode should cause
>> SSL_reaa/SSL_write to return -1 with an error code of
>> WANT_READ/WANT_WRITE until such time as the re-negotiation has
>> completed. I need to confirm thats the case in the code, but it seems
>> to be. If the underlying socket is in non-blocking mode, there should
>> be no way for calls to block in SSL_read/SSL_write on the socket read/write system
>call.
>
>I still don't really see what the difference is between SSL_MODE_AUTO_RETRY on or
>off in non-blocking mode?
>
>The person at [1] seems to have had a similar issue, and was convinced clearing
>SSL_MODE_AUTO_RETRY fixed it. But I agree, I don't know how it could be.
>OpenSSL would have to remove the O_NONBLOCK, or do select/poll, and I can't
>find it doing that.
>
>I hope it happens again soon and I'm around to attach a debugger.

I may be incorrect here, but my interpretation is as follows:

SSL_MODE_AUTO_RETRY on - if there is a packet ready to read on the socket, the packet is retrieved. Same for write. If not ready, because EWOULDBLOCK, the operation is retried automatically by OpenSSL.

SSL_MODE_AUTO_RETRY off - if there is a packet ready to read on the socket, the packet is retrieved. Same for write. If not ready, the OpenSSL operation reports an error.

Randall



More information about the openssl-users mailing list