On Thu, Sep 18, 2008 at 2:36 PM, Wan-Teh Chang <[EMAIL PROTECTED]> wrote: > > On Wed, Sep 17, 2008 at 3:12 PM, Darin Fisher <[EMAIL PROTECTED]> wrote: >> >>> In previous discussion with Darin, it seemed we >>> wanted to use epoll rather than poll. This >>> implies that we want to not use NSPR for our >>> network I/O, and thus implies that we want to >>> write an NSPR I/O layer so we can do our own >>> network I/O rather than letting nss do it via nspr. >> >> can't we avoid NSPR? or does the NSS shipped with existing Linux >> boxes give us no alternative API to get at the SSL state machine? > > Since we don't have access to the SSL state machine > inside NSS's SSL library, we have to use PRFileDesc > and PR_Recv and PR_Send, but we don't need to use > PR_Poll. We can call the 'poll' method of PRFileDesc > directly to get the POLLIN/POLLOUT or EPOLLIN/EPOLLOUT > flags we should use with the poll() or epoll() system > call. > > This does require that SSLClientSocket be NOT layered > on top of TCPClientSocket on Linux, because SSLClientSocket > needs to use the underlying Unix fd (wrapped in a > PRFileDesc) directly. > > If we really need access to the SSL state machine inside > NSS's SSL library, we'll need to modify the SSL library. > Fortunately, we would only need to build two directories > of the NSS source tree, and we can build them against > system-provided NSS headers and shared libraries. > But that's a lot of work. We should begin with an > implementation that uses the current PRFileDesc-based > API. > > Wan-Teh
I think it will be very valuable to us to maintain our own layering here. It sounds like Dan and you have an idea of how to do it. Perhaps in parallel--or when time permits--we should work to add the APIs to NSS that would expose the underlying state machine? That way, one day, we will have a cleaner way to do what we prefer? -Darin --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Chromium-dev" group. To post to this group, send email to chromium-dev@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/chromium-dev?hl=en -~----------~----~----~----~------~----~------~--~---
