[openssl-users] Graceful shutdown of TLS connection for blocking sockets
michel.sales at free.fr
Sun Oct 8 21:34:10 UTC 2017
I do not think that non-blocking code is hard to implement, but I am not
still convinced there is not some kind of confusion here.
Pardon me if I do not understand well your reasoning, but I just want to
highlight that SSL_read() contract is not to return TCP data, but SSL/TLS
data (if some are available), which is more work.
As described in https://www.openssl.org/docs/man1.1.0/ssl/SSL_read.html, you
may encounter cases where TCP data is available, but just contains TLS
records with no usefull application data.
Can this be what you experienced or I missed your point ?
De : openssl-users [mailto:openssl-users-bounces at openssl.org] De la part de
Thomas J. Hruska
Envoyé : dimanche 8 octobre 2017 22:56
À : openssl-users at openssl.org
Objet : Re: [openssl-users] Graceful shutdown of TLS connection for blocking
On 10/8/2017 7:28 AM, Michel wrote:
> While I understand that using non-blocking descriptors is a better
> practice, I still do not see why select() should NEVER be used for
> blocking sockets (except when combined/interfered with the internal
> OpenSSL state machine or equivalent mechanism).
> Could you please elaborate or give an example ?
Example: You call select(), it returns the descriptor as readable, you pass
it into SSL_read(), and SSL_read() blocks. You are worse off than before
you used select() since you made the incorrect assumption that you could do
something when select() returns and not have a blocking socket block.
Just because select() says that something is readable (or writable) does not
actually make it so. The function only makes sense for non-blocking
descriptors. The use of select() with a blocking descriptor is always
Non-blocking code is actually easier to implement than you think.
Shining Light Productions
Home of BMP2AVI and Win32 OpenSSL.
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
More information about the openssl-users