Comments (6)
...to be clear. Of course, SSL_read and SSl_write should be called within synchronized blocks. But using the same synchronized block for both logically impossible.
from tlse.
I'm not sure this is unnecessary. Just think at an alert condition or handshake data pending. If you think this is a problem, just comment the line. I think that in case of an error, your client/server will not send the pending alert message. Also, it is possible to affect the fast start option. Anyway, you should avoid using SSL_* functions. Those are there for testing, You should use the tls_* function which are more flexible.
from tlse.
Of course I commented the line, but it took me 2 days to find this :) tls_* functions won't solve the issue. The problem is SSL_read writes to the same buffer as SSL_write, and the same will happen with tls_* functions. This will never work with two threads, no matter how you will synchronize them.
Just a suggestion. You should not fix it.
from tlse.
Can you please post a minimal source illustrating your problem? I think I don't understand what the problem is.
These lines:
if (tls_consume_stream(context, client_message, read_size, ssl_data->certificate_verify) > 0) {
_tls_ssl_private_send_pending(ssl_data->fd, context);
break;
}
Are important, because when consuming a stream, an alert condition may be encountered, so this should be here. Also, the tls-layer connection status may change.
from tlse.
Simple as this:
Thread 1:
{
SSL_read(ctx,buf, len);
}
Thread 2:
{
SSL_write(ctx,buf, len);
}
You can not use e.g a mutex to avoid simultaneous calls, because SSL_read leads to a blocked "recv". Now think about what will happen if SSL_write will be writing to the buffer, when SSL_read will suddenly receive data.
The same thing will happen any time when you will try to send data in a receiving method. It does not matter which functions you will use SSL_* or tls_*
from tlse.
Removing _tls_ssl_private_send_pending may cause unexpected behavior in handshake, so for now, it should be kept.
from tlse.
Related Issues (20)
- Can't connect with certain servers HOT 2
- Strange error: "UNSUPPORTED TLS VERSION 0" HOT 8
- Possible bug in SSL_connect() HOT 4
- github.com TLS 1.3 transmission fails in the middle with NEED DATA HOT 11
- nginx servers need signature algorithm extension HOT 3
- Armv7 tls_packet_update HOT 1
- certificate_verify() is not called when using a TSL 1.3 client HOT 1
- Connect (to wikipedia) with V13 succeeds, but cannot read data. V12 works HOT 4
- Failure to connect to SMTP server with STARTTLS HOT 1
- Failure to notice incorrect handshake on SSL_connect
- TLS 1.3 server incompatible with openssl
- LTC_ARGCHK 'b != NULL' HOT 3
- Support for latest libtomcrypt HOT 5
- SSL_read function strange behavior vs openssl's SSL_read HOT 1
- Merge into tomcrypt HOT 2
- what is "for semantic compatibility" means? HOT 1
- Examples expects testcert folder. HOT 1
- HTTPS Server wont respond when using ECDHE-RSA-AES256GCM-SHA384 cipher HOT 1
- Growtopia wont respond when using TLSe HOT 14
- Async sockets. HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tlse.