No data available to red after SSL_ERROR_WANT_READ error.
Hi Everyone,
I'm currently using the following implementation to read the data for
TLSv1.3 where the SSL_MODE_AUTO_RETRY flag has been turned off for blocking
transport.
The issue I'm encountering here occurs after the first SSL_read() call in
myread(). Despite encountering SSL_ERROR_WANT_READ, upon checking for
available data using isReadable(), there appears to be no activity or
pending data. This inconsistency occurs intermittently, with the socket
sometimes taking up to 3 seconds to become readable, while at other times,
data becomes immediately accessible.
I'm curious as to why this discrepancy is occurring. Could it be that the
processing of data and its availability in the buffer is causing delays or
something is missing in code? Any insights or assistance on resolving this
matter would be immensely helpful and appreciated.
int isReadable(int timeout)
{
…..
if( (poll (, fds_count, timeout) > 0) && (fds.revents
& POLLIN)) ||
(SSL_pending(ssl) > 0))
{
return 1;
}
return 0;
}
int myread (int length)
{
int ret = 0;
if( isReadable(5) )
{
ret = SSL_read(ssl, buffer, length);
}
while(ret == -1)
{
int errorCode = SSL_get_error(ssl, ret);
if( errorCode == SSL_ERROR_WANT_READ)
{
if( isReadable(5) )
{
ret =
SSL_read(ssl, buffer, length);
}
Else
{
ret 0;
}
}
….
}
}
--Rahul
Re: SSL_peek() removes the session ticket from the underlying BIO ??
Thank you for the quick reply, Matt !! Is my understanding correct that if the buffer is empty and SSL_peek() is invoked while trying to process more records, only application data gets placed into that buffer? --Rahul On Thu, May 2, 2024 at 12:33 PM Matt Caswell wrote: > > > On 02/05/2024 06:19, Rahul Shukla wrote: > > Hi All, > > As per the OpenSSL doc : > > / > > / > > /"SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and > > SSL_read() respectively except no bytes are actually removed from the > > underlying BIO during the read, so that a subsequent call to > > SSL_read_ex() or SSL_read() will yield at least the same bytes."/ > > > > *I have a quick question here, Does SSL_peek() remove the session ticket > > (Non application data) from the underlying BIO or will it remain there > > just like application data until unless SSL_read() is called to read the > > session ticket. * > > > It depends. > > OpenSSL has an internal buffer of application data that has already been > processed and is available for immediate read. If that buffer has data > in it then a call to SSL_peek() (or in fact SSL_read()) will return that > data and will not attempt to process any further incoming records. > > If the buffer is empty then it will attempt to process further records > in order to put more data into that buffer. In doing that if it > encounters any non-application data records (such as a session ticket) > then it will process those records in the same way as SSL_read() would > have done. > > Matt >
SSL_peek() removes the session ticket from the underlying BIO ??
Hi All, As per the OpenSSL doc : *"SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and SSL_read() respectively except no bytes are actually removed from the underlying BIO during the read, so that a subsequent call to SSL_read_ex() or SSL_read() will yield at least the same bytes."* *I have a quick question here, Does SSL_peek() remove the session ticket (Non application data) from the underlying BIO or will it remain there just like application data until unless SSL_read() is called to read the session ticket. * --Rahul
