Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
RE: Meanings of various return codes with non-blocking I/O?
72 views
Skip to first unread message
Dave Thompson
Aug 9, 2012, 8:53:29 PM8/9/12
to
>From: owner-ope...@openssl.org On Behalf Of James Marshall
>Sent: Thursday, 09 August, 2012 19:41
>I'm trying to write a secure embedded HTTP server using OpenSSL.
>I'm using non-blocking I/O, and the main functions I'm using are
>SSL_accept(), SSL_read(), SSL_write(), and SSL_shutdown().
>After each one, I want to handle all possible return codes,
>but I can't find docs that describe the meaning of them all.
>I've read many pages under http://www.openssl.org/docs/ssl/
>and reviewed s_server.c .
http://www.openssl.org/docs/ssl/SSL_get_error.html#
or [MANPATH=whatever] man SSL_get_error on Unix.
>For example, SSL_accept() sometimes returns 0, with SSL_get_error()
>returning SSL_ERROR_SYSCALL . No errors show up from ERR_get_error().
>How should I handle this? Merely trying the SSL_accept() again results
>in a busy loop with the same results.
Per the manpage that's improper EOF, i.e. socket closed by client
before it should be. Once a socket is closed it remains closed,
so any further attempt to use it gets the same error.
>Here's the block of code in question, in Perl and using the Net::SSLeay
>module (which is basically wrappers around OpenSSL functions <snip>
>The zero+SSL_ERROR_SYSCALL busy-loop result comes when using
>Chrome 19.0.1084.56, but not Firefox 13.0. When I kill the
>server process, either browser immediately displays the resulting page
>correctly. Does this behavior ring any bells?
Do you know (or have any logs) what was done before the problem & kill?
If the browser fetched the page (and didn't just take it from cache)
that apparently completed before the problem occurred, so the problem
must have been on some subsequent/additional request. Thoughts:
- a frame/iframe, image, script, app, or stylesheet referenced by the page.
Some of these would cause visible errors if they fail, others wouldn't.
- a request issued by script or code in the page -- although I would expect
that to occur only after initial rendering. But browsers are so 'clever'
nowadays I find it impossible to reliably predict what they'll do.
Or meta refresh in the page, similarly.
- some 'extra' info, like -- maybe even the same as -- IE's seeming
compulsion to fetch favicon.ico even when there's no need for it.
>This is all on Linux 3.1.10 (openSUSE). SSL_read(), SSL_write(),
>and SSL_shutdown() are each handled with a similar block.
>That's one of several questions I have. A more general question is:
>Where can I find descriptions of all return codes when using
>non-blocking I/O?
See above.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
>Sent: Thursday, 09 August, 2012 19:41
>I'm trying to write a secure embedded HTTP server using OpenSSL.
>I'm using non-blocking I/O, and the main functions I'm using are
>SSL_accept(), SSL_read(), SSL_write(), and SSL_shutdown().
>After each one, I want to handle all possible return codes,
>but I can't find docs that describe the meaning of them all.
>I've read many pages under http://www.openssl.org/docs/ssl/
>and reviewed s_server.c .
http://www.openssl.org/docs/ssl/SSL_get_error.html#
or [MANPATH=whatever] man SSL_get_error on Unix.
>For example, SSL_accept() sometimes returns 0, with SSL_get_error()
>returning SSL_ERROR_SYSCALL . No errors show up from ERR_get_error().
>How should I handle this? Merely trying the SSL_accept() again results
>in a busy loop with the same results.
Per the manpage that's improper EOF, i.e. socket closed by client
before it should be. Once a socket is closed it remains closed,
so any further attempt to use it gets the same error.
>Here's the block of code in question, in Perl and using the Net::SSLeay
>module (which is basically wrappers around OpenSSL functions <snip>
>The zero+SSL_ERROR_SYSCALL busy-loop result comes when using
>Chrome 19.0.1084.56, but not Firefox 13.0. When I kill the
>server process, either browser immediately displays the resulting page
>correctly. Does this behavior ring any bells?
Do you know (or have any logs) what was done before the problem & kill?
If the browser fetched the page (and didn't just take it from cache)
that apparently completed before the problem occurred, so the problem
must have been on some subsequent/additional request. Thoughts:
- a frame/iframe, image, script, app, or stylesheet referenced by the page.
Some of these would cause visible errors if they fail, others wouldn't.
- a request issued by script or code in the page -- although I would expect
that to occur only after initial rendering. But browsers are so 'clever'
nowadays I find it impossible to reliably predict what they'll do.
Or meta refresh in the page, similarly.
- some 'extra' info, like -- maybe even the same as -- IE's seeming
compulsion to fetch favicon.ico even when there's no need for it.
>This is all on Linux 3.1.10 (openSUSE). SSL_read(), SSL_write(),
>and SSL_shutdown() are each handled with a similar block.
>That's one of several questions I have. A more general question is:
>Where can I find descriptions of all return codes when using
>non-blocking I/O?
See above.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
0 new messages