Philip Hazel wrote:
> On Fri, 20 May 2005, Philip Hazel wrote:
>
> > On Fri, 20 May 2005, Ian FREISLICH wrote:
> >
> > > You can do much the same with select(). Just replace my use of
> > > poll() with appropriate select() magic. The purpose of this code
> > > snippet was not to demonstrate the use of poll, but non-blocking
> > > IO. When you write to an fd, it may block and you have no idea how
> > > much you can write before it will block. If it's set to O_NONBLOCK,
> > > as soon as poll()/select() says you can write without blocking, you
> > > write() and write() returns at the point it would block with the
> > > number of bytes actually written.
> >
> > OK. Point taken.
>
> However, when I came to look at possibly doing something to the code, I
> realized that it is complicated by the TLS case. I am not sure if it is
> even possible to do any kind of blocking check when TLS is in use. So I
> have left the code as it is. Well, almost. While reading it I noticed a
If the underlying BIO is non-blocking, SSL_write() will also return,
when the underlying BIO could not satisfy the needs of SSL_write() to
continue the operation. In this case a call to SSL_get_error(3) with
the return value of SSL_write() will yield SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE. As at any time a re-negotiation is possible, a
call to SSL_write() can also cause read operations! The calling process
then must repeat the call after taking appropriate action to satisfy
the needs of SSL_write(). The action depends on the underlying BIO.
When using a non-blocking socket, nothing is to be done, but select()
can be used to check for the required condition. When using a buffering
BIO, like a BIO pair, data must be written into or retrieved out of the
BIO before being able to continue.
I've not personally used non-blocking IO on an SSL connection because
I've never wanted to impliment timeouts, but this (for OpenSSL
0.9.7d) manual page seems to imply it's possible. I'm not sure
about other SSL implimentations though.
Ian
--
Ian Freislich