Issues with ASYNC_pause_job() wake up
matt at openssl.org
Tue Feb 11 14:35:53 UTC 2020
On 11/02/2020 14:26, Valerio Di Gregorio (vadigreg) wrote:
> Hi Matt, Thanks for your reply. HTTPS request is initiated using
> libcurl. I've installed a callback in libcurl as
> CURLOP_T_SSL_CTX_FUNCTION which in turn installs a callback using
> SSL_CTX_set_cert_verify_callback(). So my application never calls
> I expected my application to write() on the write file descriptor of
> the pipe and that was enough to un-pause, without any need of calling
> ASYNC_start_job() explicitily.
> What's the right usage of this async APIs in my case?
Hmm. Well, unfortunately if libcurl is managing the interaction with
libssl then this won't work unless libcurl is async aware (I don't know
if it is or not).
ASYNC_pause_job() does nothing at all if you are not running within an
async job. An async job is *not* started automatically by libssl. In
order for that to happen you have to put the SSL object into ASYNC mode
using a call to SSL_set_mode() or SSL_CTX_set_mode(), and passing the
`SSL_MODE_ASYNC` value. See:
Once set into async mode libssl will call ASYNC_start_job()
automatically for all IO functions (e.g. SSL_read()/SSL_write() etc)
Further, when the application calls SSL_get_error(), it must be prepared
to handle SSL_ERROR_WANT_ASYNC as a return value.
So, probably, you need to investigate whether libcurl can do this.
> Many thanks for helping!
> -----Original Message----- From: openssl-users
> <openssl-users-bounces at openssl.org> On Behalf Of Matt Caswell Sent:
> Tuesday, February 11, 2020 2:52 PM To: openssl-users at openssl.org
> Subject: Re: Issues with ASYNC_pause_job() wake up
> On 11/02/2020 13:05, Valerio Di Gregorio (vadigreg) via openssl-users
>> 1. ASYNC_pause_job() can wake up before write(). It will then block
>> on the read(), which is too bad in my single-threaded code. 2. I
>> fixed case 1 by making read() non-blocking, I then run
>> ASYNC_pause_job() again and again until write() is actually
>> performed. So now I hit another issue. Time between
>> printf("pause") and write() is ~100/200 milliseconds. However time
>> between write() and printf("resume") is usually ~4.5 seconds and
>> this way too much.
> It's not clear from your description how your application starts the
> ASYNC job in the first place. Are you using libssl to do this, or
> does your application call ASYNC_start_job() directly?
> When your certificate validation code calls ASYNC_pause_job() control
> will return to your application. Control will not return until
> ASYNC_start_job() is called again. Depending on how you started the
> job in the first place this will either be due to your application
> explicitly calling ASYNC_start_job() directly, or (if it used libssl
> to start the job), then by recalling the I/O function that hit the
> pause originally.
> Once ASYNC_start_job() is invoked then context swap should happen
> immediately (so ~4.5 seconds would be totally unexpected).
> So please explain a little more about how your application starts the
> job, and how it monitors its progress in order to know when to
>> Is there a reliable way (only when data is really ready) and a
>> prompt way (in order of micro/milli-seconds) to wake up from
>> Many thanks, any help would be much appreciated.
>> Kind Regards,
>> Valerio Di Gregorio
More information about the openssl-users