[openssl-users] Graceful shutdown of TLS connection for blocking sockets

Thomas J. Hruska shinelight at shininglightpro.com
Mon Oct 9 13:31:49 UTC 2017

On 10/9/2017 1:32 AM, Michel wrote:
>> With blocking sockets, you just loop back around and repeat the same call
> if either of those messages are returned by SSL_get_error(). No select()
> required.
> Yes, you have to repeat the same call, but select() is still usefull,
> especially with blocking sockets.

And leads to incorrect code and weird blocking scenarios.  Been there, 
done that.  You're using select() wrong.  If you want to block, then 
block and don't try to hack around it.  Otherwise use non-blocking.

This common misunderstanding of select() is precisely why calling it 
with a blocking descriptor should trigger an exception that kills the 
application.  Doing so would bring a quick end to a lot of bad code.

Thomas Hruska
Shining Light Productions

Home of BMP2AVI and Win32 OpenSSL.

More information about the openssl-users mailing list