Hi Thomas, I do not think that non-blocking code is hard to implement, but I am not still convinced there is not some kind of confusion here. Pardon me if I do not understand well your reasoning, but I just want to highlight that SSL_read() contract is not to return TCP data, but SSL/TLS data (if some are available), which is more work. As described in https://www.openssl.org/docs/man1.1.0/ssl/SSL_read.html, you may encounter cases where TCP data is available, but just contains TLS records with no usefull application data. Can this be what you experienced or I missed your point ? Regards, Michel -----Message d'origine----- De : openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] De la part de Thomas J. Hruska Envoyé : dimanche 8 octobre 2017 22:56 À : openssl-users@xxxxxxxxxxx Objet : Re: Graceful shutdown of TLS connection for blocking sockets On 10/8/2017 7:28 AM, Michel wrote: > While I understand that using non-blocking descriptors is a better > practice, I still do not see why select() should NEVER be used for > blocking sockets (except when combined/interfered with the internal > OpenSSL state machine or equivalent mechanism). > > Could you please elaborate or give an example ? > > Regards, > > Michel. Example: You call select(), it returns the descriptor as readable, you pass it into SSL_read(), and SSL_read() blocks. You are worse off than before you used select() since you made the incorrect assumption that you could do something when select() returns and not have a blocking socket block. Just because select() says that something is readable (or writable) does not actually make it so. The function only makes sense for non-blocking descriptors. The use of select() with a blocking descriptor is always wrong. Non-blocking code is actually easier to implement than you think. -- Thomas Hruska Shining Light Productions Home of BMP2AVI and Win32 OpenSSL. http://www.slproweb.com/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
