On Fri, 2016-04-08 at 17:16 +0100, Alex Bligh wrote:
> Nikos,
>
> Thanks for your reply.
>
> On 8 Apr 2016, at 14:35, Nikos Mavrogiannopoulos <[email protected]> wrote:
>
> > On Fri, Apr 8, 2016 at 10:36 AM, Alex Bligh <[email protected]> wrote:
> > > Is there a simple, easy to reuse, example of gnu-tls acting like a
> > > proxy which is truly non-blocking? By truly non-blocking I mean using
> > > non-blocking writes as well as non-blocking reads. The danger I
> > > am concerned about is receiving a large amount of plain-text,
> > > gnutls converting that to cypher-text, attempting to write it
> > > but blocking because the remote side is not ready to receive it.
> > > The remote side is not ready to receive it because it has its
> > > own output blocked as gnutls is not polling for reads as
> > > it's blocked above, meaning deadlock.
> >
> > Blocking is a matter of the underlying socket functions.
>
> Perhaps I should have used the word 'asynchronous'
>
> > If you set the sockets to non blocking mode gnutls operates in a
> > non-blocking way almost identically to berkeley sockets. Have you
> > checked the manual?
> > https://www.gnutls.org/manual/html_node/Asynchronous-operation.html
>
> I had done, but it was not fantastically helpful.
>
> The manual says "GnuTLS does not keep a write buffer, thus when writing
> no additional actions are required." which I took to mean it was writing
> synchronously (but reading async).

That sentence is indeed confusing. I've removed it.

> > The simplest example is mini-eagain.c from the test suite which
> > verifies the asynchronous operation of gnutls_record_send and recv.
> Thanks - that was helpful. But it doesn't do a select loop
> as far as I can tell.

No. A select loop will be complex and I don't know if one could have a
reasonable example. If you have one consider contributing it. To see a
real world example check ocserv's main loop:
https://gitlab.com/ocserv/ocserv/blob/master/src/worker-vpn.c#L1892

It uses both TLS and DTLS sockets in async mode (with poll, there is no
reason to use select() as it has terrible semantics).

regards,
Nikos
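
The deadlock discussed in this thread, and the poll() pattern that avoids it, as an added example that is not part of the original message and is neither GnuTLS nor ocserv code. Plain non-blocking sockets stand in for gnutls_record_recv()/gnutls_record_send(), which report GNUTLS_E_AGAIN where these calls report EAGAIN; `struct half`, `set_nonblock`, `half_pump` and `proxy_step` are hypothetical names.

```c
/* Added example: plain non-blocking sockets stand in for the TLS session.
 * All names here (struct half, half_pump, proxy_step) are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <sys/socket.h>

struct half {                 /* one direction of the proxy: src -> dst */
    int src, dst;
    char buf[4096];
    size_t len, off;          /* bytes buffered, bytes already sent */
};

static int set_nonblock(int fd)
{
    int fl = fcntl(fd, F_GETFL, 0);
    return fl < 0 ? -1 : fcntl(fd, F_SETFL, fl | O_NONBLOCK);
}

/* True when the last call would have blocked or was interrupted: retry later. */
static int soft(void) { return errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR; }

/* Move what can move right now. Returns 0, or -1 on EOF or a hard error. */
static int half_pump(struct half *h)
{
    if (h->off == h->len) {                       /* empty: refill from src */
        ssize_t n = recv(h->src, h->buf, sizeof h->buf, 0);
        if (n == 0) return -1;
        if (n < 0) return soft() ? 0 : -1;
        h->len = (size_t)n; h->off = 0;
    }
    while (h->off < h->len) {                     /* flush; keep the rest on EAGAIN */
        ssize_t n = send(h->dst, h->buf + h->off, h->len - h->off, MSG_NOSIGNAL);
        if (n < 0) return soft() ? 0 : -1;
        h->off += (size_t)n;
    }
    return 0;
}

/* One loop iteration; requires ba->src == ab->dst and ba->dst == ab->src. */
static int proxy_step(struct half *ab, struct half *ba, int timeout_ms)
{
    struct pollfd p[2] = { { .fd = ab->src }, { .fd = ab->dst } };
    /* A stalled write towards one peer never stops us polling that peer for reads. */
    p[0].events = (short)((ab->off == ab->len ? POLLIN : 0) | (ba->off < ba->len ? POLLOUT : 0));
    p[1].events = (short)((ba->off == ba->len ? POLLIN : 0) | (ab->off < ab->len ? POLLOUT : 0));
    if (poll(p, 2, timeout_ms) < 0) return errno == EINTR ? 0 : -1;
    if (half_pump(ab) < 0) return -1;
    return half_pump(ba);
}
```

With a real GnuTLS session, also check gnutls_record_check_pending() before sleeping in poll(), because decrypted data can be waiting inside the session when the socket itself has nothing left to read.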
