On 27/05/16 13:23, counterpoint wrote: > Thanks for the comments, Matt. > >> read_ahead and SSL_pending() do not play nicely together unfortunately. >> See the master (1.1.0) version of the SSL_pending() documentation which >> discusses this issue and introduced the new function SSL_has_pending() >> which addresses it: > >> https://www.openssl.org/docs/manmaster/ssl/SSL_pending.html > > I looked at SSL_has_pending, but can't easily use it as the software needs > to build on standard distributions, as far as possible, and it isn't in e.g. > CentOS 6.5 > >> So it sounds like this is during reading of application data? Has >> SSL_accept() returned successfully, and you are now wanting to call >> SSL_read()? > > It's getting a lot further than that. The SSL_accept returns success, and a > whole series of SSL_read and SSL_write calls look to be operating fine. It > appears that most of the 500KB of data used in the test is transferred, but > (probably near the end) the process hangs. Presumably SSL_pending is > returning 0 and there are no further EPOLLIN events. Or something like > that. > > I expected that turning off read ahead would fix both server and client, but > it seems not. I've read all the configuration options I can find, but so far > haven't found a solution to the server side application. It would be interesting to know what the value of "s->s3->rbuf.left" is (where "s" is your SSL object) when it gets to this point. SSL_pending() tells you how much buffered and processed data is left that OpenSSL can provide. The above value tells you how much buffered and raw *unprocessed* data is left. If you've turned read_ahead off it should be zero. I wouldn't recommend looking at that in a production app (you won't be able to access it in 1.1.0) but for debugging purposes it would be interesting. Matt
