On Thu, 2009-02-19 at 05:35 -0800, Dan Kegel wrote: > I haven't looked at the patch,
sufficient to look at the simple example usage shown in the email > but I'm a little skeptical of a one-size-fits-all > approach to integrating things like openssl. As the openssl faq says, you > can't just call its read and write functions and expect them to work like > regular ones: > http://www.openssl.org/support/faq.html#PROG10 > For pedagogical reasons openssl maybe a bad example to reference. libcurl and a few others which couple IO event management with their processing maybe a better example. openssl TLS (i suspect DTLS would be kinder) buffers at least a complete packet received for processing. I have never read the FAQ but the man page is atrocious at best, and I was bitten by what the FAQ describes - it was easy to see with strace what SSL "read" was doing. So when you do your wrappers that invoke SSL_read/write, you need to do a lot more. Example for read, pick your poison: - block until all is read - ask it to read you upto 16K buffer - keep invoking SSL_read in your wrapper until it tells you its done - set something in that invokes some IO scheduling you maintain based on what the SSL_read/error returns - etc In any case, I dont want to distract and justify the merits of the patch based on how it solves the tls issue. > Do you have an example app that shows your code working with > openssl? Not publicly; if there was some use to demonstrate usage using openssl, I could rip off some of the code and demonstrate how it can be done. But it will take me time to make it usable for other people. > > p.s. > FWIW, here's how chromium uses libevent with nss (sorry, it's a little > convoluted): I suspect it suffers from the same buffering issue as openssl. The reason i picked openssl is because it can do DTLS and there are experimental patches for SCTP. Ive never looked at NSS, but i glanced briefly at GNUTLS and it didnt meet my requirements. cheers, jamal _______________________________________________ Libevent-users mailing list Libevent-users@monkey.org http://monkeymail.org/mailman/listinfo/libevent-users
