TLS is a bidirectional protocol. You can’t throttle only one side.

From: Alex H <alexhultman@xxxxxxxxx>

How do you properly implement receive throttling on SSL sockets without hindering writing?

As opposed to raw TCP sockets, an SSL socket cannot be receive-throttled simply by stopping polling for readable events on the underlying raw TCP socket. SSL_write could still require reading of data, so simply stopping polling for readable would potentially hinder writing of data, which is not okay.

Is there any such receive-throttling functionality in the SSL protocol itself?

I don't see how SSL_peek would solve the issue since I would still be buffering (a potentially uncontrolled amount of) data in a BIO. Even if I would _only_ enable readable polling when _absolutely needed_ as per SSL_write error, I still cannot guarantee not reading a chunk of data (which I would then need to buffer up in a BIO since the application is not expecting it).

How are we supposed to solve this issue without potentially building up backpressure?

Thanks
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users