[英]Calling SSL_write() when SSL_read() returned WANT_READ
I'm working on a client-application that uses OpenSSL for TLS using non-blocking I/O. 我正在使用将OpenSSL用于TLS且使用非阻塞I / O的客户端应用程序。 Both sides of the connection may write at any time, indicating some state-change.
连接的两端都可以随时写入,表明状态发生了某些变化。 So I need to check the socket regularly for new data to become available.
因此,我需要定期检查套接字以获取新数据。 If nothing has been received my code should immediately continue with the next task: sending new data from the client to the server.
如果什么都没收到,我的代码应立即继续下一个任务:将新数据从客户端发送到服务器。
But I'm not sure, how I can do this with the OpenSSL-API: Calling SSL_read()
on a socket where no data has been received (as the other side did not send anything) always results in an error-code of SSL_ERROR_WANT_READ
(or even SSL_ERROR_WANT_WRITE
in case of a renegotiation). 但是我不确定,如何使用OpenSSL-API进行此操作:在未接收到任何数据的套接字上调用
SSL_read()
(因为另一端未发送任何内容)始终会导致SSL_ERROR_WANT_READ
的错误代码(甚至在重新协商的情况下甚至SSL_ERROR_WANT_WRITE
)。 In that case may I just continue with the next task and call SSL_write()
to write other data to server? 在那种情况下,我可以继续下一个任务并调用
SSL_write()
将其他数据写入服务器吗?
The man-page doesn't talk about this in detail. 手册页中没有详细讨论。 It just mentions that the arguments of the repeated read-call need to be exactly the same as before.
它只是提到重复读调用的参数必须与以前完全相同。 The book Network Security with OpenSSL by Viega et.
Viega等着《 使用OpenSSL进行网络安全 》一书。 al.
等 contains an example of non-blocking I/O.
包含一个非阻塞I / O的示例。 But the author waits for
SSL_read()
to succeed (reading 1 or more bytes) and only then calls SSL_write()
to send data to the other side, which means that no write-operation is possible until data from the other side has been received. 但是作者等待
SSL_read()
成功(读取1个或更多字节),然后才调用SSL_write()
将数据发送到另一侧,这意味着直到接收到另一侧的数据后,才可以进行写操作。 For my purpose this would not work. 对我来说,这是行不通的。
In a nutshell: If SSL_read()
returns with SSL_ERROR_WANT_WRITE
or SSL_ERROR_WANT_READ
may I just call SSL_write()
with other data before I repeat the read? 简而言之:如果
SSL_read()
返回带有SSL_ERROR_WANT_WRITE
或SSL_ERROR_WANT_READ
信息,那么在重复读取之前,我可以仅将SSL_write()
与其他数据一起调用吗? And if not, how can I achieve that read-if-available-and-write-thing? 如果没有,我该如何实现“读取并可用”的东西?
SSL_ERROR_WANT_WRITE
or SSL_ERROR_WANT_READ
does not necessarily mean an error condition. SSL_ERROR_WANT_WRITE
或SSL_ERROR_WANT_READ
不一定表示错误情况。 It signifies that in order to proceed further, Read or write must be done first. 它表示为了继续进行,必须先完成读或写操作。
Hence, if your SSL_read
is returning either one of these. 因此,如果您的
SSL_read
返回其中之一。 If you have to wait the condition to be fulfilled just the example in the book that you have mentioned. 如果您必须等待条件得到满足,则只需提及的书中的示例即可。 Untill then calling any other SSL API including
SSL_write
will not work. 在此之前,调用包括
SSL_write
在内的任何其他SSL API SSL_write
无效。
Perhaps, you can use ,if not used, select/poll/epoll or whatever to know any network activity on your socket 也许,您可以使用/ select / poll / epoll(如果不使用)或其他方法来了解套接字上的任何网络活动
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.