The way to handle this situation is simply to never enter SSL_read() if there isn't anything to read on the socket. select() or pselect() are your friends, here, because they'll tell you if there's data to read from the underlying file descriptor.
I hope this helps! -Kyle H On Oct 5, 2017 02:58, "mahesh gs" <mahesh...@gmail.com> wrote: > Hi All, > > I have query regarding the SSL_read on blocking socket. How to come out of > blocking SSL_read when we have to close the connection ? > > As per the documentation SSL_read will only return if there is any data or > an error occurred. > > "If the underlying BIO is *blocking*, SSL_read() will only return, *once > the read operation has been finished or an error occurred,* except when a > renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur" > > I am trying following methods > > *method 1:* > > 1) Thread - 1 blocks in SSL_read > 2) Thread - 2 receive indication to stop the connection from application. > Call SSL_Shutdown() to unblock the SSL_read in thread - 1. But this is > dangerous as calling SSL_shutdown and SSL_read from different threads on > same context can lead to undefined behaviour. > > *method 2:* > > 1) Thread - 1 blocks in SSL_read > 2) Thread - 2 receive indication to stop the connection from application. > shutdown the underlying TCP socket using system command (shutdown > (socket_id, SHUT_WR)) that cause the SSL_read to unblock. > 3) Thread - 1 unwind and close the TCP socket (using close(socket_id)). > thread -1 cannot call SSL_Shutdown since the TCP socket is shutdown by > thread - 2 for write operation. As per my understanding this violates the > TLS standard because of not sending out the close notify handshake. > > How to ensure to come out of blocking SSL_read and initiate SSL_shutdown > from same thread? > > Thanks, > Mahesh G S > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > >
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
