当SSL_read()返回WANT_READ时调用SSL_write()
[英]Calling SSL_write() when SSL_read() returned WANT_READ
问题描述
I'm working on a client-application that uses OpenSSL for TLS using non-blocking I/O. 
我正在使用将OpenSSL用于TLS且使用非阻塞I / O的客户端应用程序。 Both sides of the connection may write at any time, indicating some state-change. 连接的两端都可以随时写入,表明状态发生了某些变化。 So I need to check the socket regularly for new data to become available. 因此,我需要定期检查套接字以获取新数据。 If nothing has been received my code should immediately continue with the next task: sending new data from the client to the server. 如果什么都没收到,我的代码应立即继续下一个任务:将新数据从客户端发送到服务器。
But I'm not sure, how I can do this with the OpenSSL-API: Calling SSL_read() on a socket where no data has been received (as the other side did not send anything) always results in an error-code of SSL_ERROR_WANT_READ (or even SSL_ERROR_WANT_WRITE in case of a renegotiation). 但是我不确定,如何使用OpenSSL-API进行此操作:在未接收到任何数据的套接字上调用SSL_read() (因为另一端未发送任何内容)始终会导致SSL_ERROR_WANT_READ的错误代码(甚至在重新协商的情况下甚至SSL_ERROR_WANT_WRITE )。 In that case may I just continue with the next task and call SSL_write() to write other data to server? 在那种情况下,我可以继续下一个任务并调用SSL_write()将其他数据写入服务器吗?
The man-page doesn't talk about this in detail. 手册页中没有详细讨论。 It just mentions that the arguments of the repeated read-call need to be exactly the same as before. 它只是提到重复读调用的参数必须与以前完全相同。 The book Network Security with OpenSSL by Viega et. Viega等着《 使用OpenSSL进行网络安全 》一书。 al. 等 contains an example of non-blocking I/O. 包含一个非阻塞I / O的示例。 But the author waits for SSL_read() to succeed (reading 1 or more bytes) and only then calls SSL_write() to send data to the other side, which means that no write-operation is possible until data from the other side has been received. 但是作者等待SSL_read()成功(读取1个或更多字节),然后才调用SSL_write()将数据发送到另一侧,这意味着直到接收到另一侧的数据后,才可以进行写操作。 For my purpose this would not work. 对我来说,这是行不通的。
In a nutshell: If SSL_read() returns with SSL_ERROR_WANT_WRITE or SSL_ERROR_WANT_READ may I just call SSL_write() with other data before I repeat the read? 简而言之:如果SSL_read()返回带有SSL_ERROR_WANT_WRITE或SSL_ERROR_WANT_READ信息,那么在重复读取之前,我可以仅将SSL_write()与其他数据一起调用吗? And if not, how can I achieve that read-if-available-and-write-thing? 如果没有,我该如何实现“读取并可用”的东西?
1 个解决方案
解决方案1
0 2018-05-30 09:00:26
SSL_ERROR_WANT_WRITE or SSL_ERROR_WANT_READ does not necessarily mean an error condition. SSL_ERROR_WANT_WRITE或SSL_ERROR_WANT_READ不一定表示错误情况。 It signifies that in order to proceed further, Read or write must be done first. 它表示为了继续进行,必须先完成读或写操作。
Hence, if your SSL_read is returning either one of these. 因此,如果您的SSL_read返回其中之一。 If you have to wait the condition to be fulfilled just the example in the book that you have mentioned. 如果您必须等待条件得到满足,则只需提及的书中的示例即可。 Untill then calling any other SSL API including SSL_write will not work. 在此之前,调用包括SSL_write在内的任何其他SSL API SSL_write无效。
Perhaps, you can use ,if not used, select/poll/epoll or whatever to know any network activity on your socket 也许,您可以使用/ select / poll / epoll(如果不使用)或其他方法来了解套接字上的任何网络活动
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.