Re: No data available to red after SSL_ERROR_WANT_READ error.

[Matt Caswell]

On 08/05/2024 18:15, Rahul Shukla wrote:
The issue I'm encountering here occurs after the first SSL_read() call 
in myread(). Despite encountering SSL_ERROR_WANT_READ, upon checking for 
available data using isReadable(),there appears to be no activity or 
pending data. This inconsistency occurs intermittently, with the socket 
sometimes taking up to 3 seconds to become readable, while at other 
times, data becomes immediately accessible.


I'm curious as to why this discrepancy is occurring.


So, IIUC, you have a blocking socket but SSL_MODE_AUTO_RETRY is off.

When turned on that option means that if during an SSL_read() or similar 
call OpenSSL encounters a record that does not contain application data 
then it will automatically keep retrying the read until application data 
has been read. If no app data is available then it will block until it 
is (since you are using a blocking socket).


Since you have turned the option off any SSL_read() call that encounters 
a non-application data record will return immediately and indicate 
SSL_ERROR_WANT_READ. This means OpenSSL tried to read application data 
but failed to get any (because it hit a non-app data record instead). It 
tells you nothing about the state of the underlying socket and whether 
application data is available there or not.


It would be quite normal for you to get SSL_ERROR_WANT_READ and there 
not to be any app data available yet - either because the peer hasn't 
sent any yet, or because it is still in flight over the network.


Matt



Could it be that 
the processing of data and its availability in the buffer is causing 
delays or something is missing in code? Any insights or assistance on 
resolving this matter would be immensely helpful and appreciated.


int isReadable(int timeout)

{

     …..

     if( (poll (&fds, fds_count, timeout) > 0)  && 
(fds.revents & POLLIN)) ||


     (SSL_pending(ssl) > 0))

     {

     return 1;

     }

     return 0;

}

int myread (int length)

{

     int ret = 0;

     if( isReadable(5) )

     {

ret = SSL_read(ssl, buffer, length);

     }

     while(ret == -1)

     {

     int errorCode = SSL_get_error(ssl, ret);

     if( errorCode == SSL_ERROR_WANT_READ)

     {

if( isReadable(5) )

     {

ret = SSL_read(ssl, buffer, length);

     }

     Else

         {

     ret 0;

     }

     }

     ….

     }

}

--Rahul

No data available to red after SSL_ERROR_WANT_READ error.

[Rahul Shukla]

Hi Everyone,

I'm currently using the following implementation to read the data for
TLSv1.3 where the SSL_MODE_AUTO_RETRY flag has been turned off for blocking
transport.

The issue I'm encountering here occurs after the first SSL_read() call in
myread(). Despite encountering SSL_ERROR_WANT_READ, upon checking for
available data using isReadable(), there appears to be no activity or
pending data. This inconsistency occurs intermittently, with the socket
sometimes taking up to 3 seconds to become readable, while at other times,
data becomes immediately accessible.

I'm curious as to why this discrepancy is occurring. Could it be that the
processing of data and its availability in the buffer is causing delays or
something is missing in code? Any insights or assistance on resolving this
matter would be immensely helpful and appreciated.





int isReadable(int timeout)

{

…..

if( (poll (&fds, fds_count, timeout) > 0)  && (fds.revents
& POLLIN)) ||

(SSL_pending(ssl) > 0))

{

return 1;

}

return 0;

}

int myread (int length)

{

int ret = 0;

if( isReadable(5) )

{

ret = SSL_read(ssl, buffer, length);

}

while(ret == -1)

{

int errorCode = SSL_get_error(ssl, ret);

if( errorCode == SSL_ERROR_WANT_READ)

{

if( isReadable(5) )

{

ret =
SSL_read(ssl, buffer, length);

}

Else

{

ret 0;

}

}

….

}

}



--Rahul