I am trying perform SSL_shutdown on a non-blocking socket. In the code below, i am trying poll after trying SSL_shutdown.
do {
err = SSL_shutdown();
if (err == 0) {
// unidirectional shutdown success, will try SSL_shutdown once more and exit
} else if (err == 1) {
//shutdown complete. Exit
} else {
ec = SSL_get_error(ctx, err);
if (ec == SSL_ERROR_WANT_READ) {
rc = poll(fd, POLLIN|POLLPRI, timeout);
if (rc > 0) {
continue;
} else {
break;
}
} else if (ec == SSL_ERROR_WANT_WRITE) {
rc = poll(fd, POLLOUT, timeout);
if (rc > 0) {
continue;
} else {
break;
}
} else {
break;
}
}
} while(1);
After a successful poll
is it possible that the socket is writeable or readable and triggering the shutdown will WANT_WRITE or WANT_READ again. Can the above code get stuck in an infinite loop?
From the official documentation :
If the underlying BIO is nonblocking, SSL_shutdown() will also return when the underlying BIO could not satisfy the needs of SSL_shutdown() to continue the handshake. In this case a call to SSL_get_error() with the return value of SSL_shutdown() will yield SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_shutdown() .
In other words, it is not only safe but it is expected.
But note the "... after taking appropriate action to satisfy the needs of SSL_shutdown()..." . If your SSL object is implicitly backed by a file descriptor then it will automatically do the necessary reads and writes. If it is only backed by a memory BIO these read and writes must be done in your code. It is unclear from your code if it is backed by a memory BIO or not though.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.