[openssl-users] Graceful shutdown of TLS connection for blocking sockets

Thomas J. Hruska shinelight at shininglightpro.com
Sun Oct 8 20:55:36 UTC 2017


On 10/8/2017 7:28 AM, Michel wrote:
> While I understand that using non-blocking descriptors is a better practice,
> I still do not see why select() should NEVER be used for blocking sockets
> (except when combined/interfered with the internal OpenSSL state machine or
> equivalent mechanism).
> 
> Could you please elaborate or give an example ?
>   
> Regards,
> 
> Michel.

Example:  You call select(), it returns the descriptor as readable, you 
pass it into SSL_read(), and SSL_read() blocks.  You are worse off than 
before you used select() since you made the incorrect assumption that 
you could do something when select() returns and not have a blocking 
socket block.

Just because select() says that something is readable (or writable) does 
not actually make it so.  The function only makes sense for non-blocking 
descriptors.  The use of select() with a blocking descriptor is always 
wrong.

Non-blocking code is actually easier to implement than you think.

-- 
Thomas Hruska
Shining Light Productions

Home of BMP2AVI and Win32 OpenSSL.
http://www.slproweb.com/


More information about the openssl-users mailing list