On 19/04/2017, Bohn, Jakob via openssl-users wrote: > On 19/04/2017 14:35, Salz, Rich via openssl-users wrote: > >> The OpenSSL documentation makes it clear that you must keep calling > >> the same asynchronous function with the same parameters until the > >> async job has completed. > > Is there a way we can (relatively cheaply) check for that type of >> programming error and return an "in progress on another op" error? Yes, I raised a pull request for something similar here: https://github.com/openssl/openssl/pull/1736 Unfortunately it is over 6 months old now and needs to be rebased and brought up to date with the latest master (my bad as I've not had time). If I get a moment I'll try and get it back up to date. > Also, for the shutdown case, it would be nice (in general) if attempting > shutdown during a handshake will make the handshake abort as soon as the > protocol allows, rather than going through all the remaining steps and their > transmissions. > > In other words, returning appropriate errors/alerts to the other end > according to the handshake step. The problem here is that you have a suspended fibre midway through the handshake operation. It may have allocated memory not just on the stack local to the fibre but dynamically on the heap. The fibre must be resumed to allow it to return up the stack and exit the fibre. When you are running asynchronously you are also by definition going to be running with non-blocking sockets. This means when you recall the SSL_do_handshake to resume the fibre you are only going to keep recalling it until the point it first comes back up the stack and exits the fibre. This will happen at the first point you try and do some non blocking I/O, i.e. send or receive during the handshake. At that point you will be in the same situation you are in if you were running synchronously with non blocking sockets (you may have detected the error earlier when running asynchronously but both asynchronous and synchronous only act on it at the same stage of the handshake). The pain point for the user is in having to remember the error has occurred and keep recalling the SSL_do_handshake until the async job (fibre) has completed. Steve Linsell Intel Shannon DCG/CID Software Development Team Stevenx.Linsell@xxxxxxxxx -------------------------------------------------------------- Intel Research and Development Ireland Limited Registered in Ireland Registered Office: Collinstown Industrial Park, Leixlip, County Kildare Registered Number: 308263 This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
