Re: On select and blocking

Thu, 22 Jun 2006 08:30:44 -0700 

Alain Damiral wrote:
I'm wondering if it would not be highly appropriate to have an 'SSL_select' call defined by OpenSSL to have all operations on sockets fully encapsulated and allow to reach the desired behaviour without short-circuiting the layer approach... (it would provide similar behaviour as classical select on plain sockets with regard to application data). 


Now I apologize if this thought is trivially appropriate or trivially 
inappropriate - I missed the beginning of this thread to be honest.


Nice idea, but...


It doesn't play well with existing programs.  In the application we need 
one point of control (the select() in the main event loop) where the 
program can wait to do more work or timeout.



The only way to work a SSL_select() is either:


 * Make SSL_select() aware of all the other fd's in an application so 
it can watch them all for you.  This means you hand over your select() 
model to OpenSSL, I'd say this is unnecessary and not OpenSSL's job.



 * Use the timeout value of the applications select() and poll.  But 
what do you set the timeout too ?  Results in unusable delays in data 
processing and extra CPU usage having to poll when no events occur, a 
problem if you have 100 processes doing that loop.



Neither approach would be as simple solution a solution than a 
transparent-blocking mode.




Looking at the OpenSSL code maybe I can prepare a patch to provide that 
as a new option (based on how I explained the implementation would work 
in another thread), which can then be activated through a new option.



Before it seeks approval for use by default and the current 
spongey-blocking mode dropped (or retained via an option in reverse). 
This is all possible and presumes the current non-blocking mode state 
machine inside OpenSSL is flawless by design, but as I say if this 
exposes non-blocking bugs they should be fixed too.


I think the bulk patch will be less than 60 lines of code changes.


I am currently looking at the code to fix the SSL_accept() in 
non-blocking as thats not consistant either.



Darryl
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]






















					Reply via email to