Comments (12)
It seems like IO.select
is partially broken when it comes to OpenSSL::SSL::SSLSocket
. If a #read_nonblock
doesn't read all available data IO.select
will still block – even though there is data available to read.
One solution is to loop until #read_nonblock
raises OpenSSL::SSL::SSLError
(it doesn't raise Errno::EWOULDBLOCK
or Errno::EAGAIN
like you would expect), but this feels wrong and inefficient, we want to avoid that exception being raised. We're using IO.select
to not have to do flow control with exceptions.
Another way, which seems to work (in a very limited test) is to use OpenSSL::SSL::SSLSocket#pending
. The docs say this is the "number of bytes that are immediately available for reading". Unfortunately it is zero before #read_nonblock
has been called… it seems that its the call to #read_nonblock
that populates it. But it can still be useful since we can do something like this:
while true
r, _, _ = IO.select([c])
r && r.each do |s|
read_size = 2**16
data = ''
while read_size > 0
data << s.read_nonblock(read_size)
read_size = s.pending
end
# process data
end
end
I.e. read an initial chunk, which is what we would have done anyway, and then read another chunk if #pending
returns non-zero. With non-SSL sockets we would have relied on IO.select
returning again immediately if there was more than the initial chunk of data available.
from ione.
Turns out that it's a bit more complicated: JRuby doesn't support #pending
. I decided on falling back on exceptions in JRuby: https://github.com/iconara/ione/blob/ssl_support/lib/ione/io/ssl_connection.rb#L41-L50
from ione.
Another fun fact: OpenSSL::SSL::SSLSocket#connect_nonblock
raises IO::WaitWritable
in MRI and IO::WaitReadable
in JRuby: jruby/jruby#1716
from ione.
What's the most recent status on this issue? Are there any plans to merge it into master any time soon? Is there anything specific I could help with to make that happen?
Thanks!
from ione.
I'd really like to, and if I get some help testing it I can get it out in v1.2, but as I said in iconara/cql-rb#110 I really need people to test it, and no one has stepped up. It's very hard to automate testing for this, and I just don't feel confident that the limited testing that I can do myself is enough. I'd like it for people who actually need to run Cassandra, for example, with encryption to test it and see that it works for them.
from ione.
Ok, that makes sense. I'm finally getting time to start looking at adding encryption to my project, so I'll definitely be pulling it in. I'm still on Cassandra 1.2 for now, but I don't think the encryption support has changed much between that and 2.0. I'll let you know what I find. Has the ssl_support branch been kept up to date with the other 1.2 changes?
from ione.
It should be fine to run cql-rb with the encryption_support
branch and ione with the ssl_support
branch with Cassandra 1.2. I haven't rebased these on top of the latest, but there's no reason it shouldn't work. There's been no incompatibile changes.
from ione.
I just rebased ssl_support
on top of master
and pushed it up as ssl_support_on_1.2
if you want to try it.
from ione.
And thanks for helping out!
from ione.
Thanks for the rebase. I was going to attempt it, but I'm far from familiar with the code. Integrating it now and will let you know what I find.
from ione.
For anyone else watching this, the SSL features have been released with v1.2.0.pre2
from ione.
This has been released with v1.2.0.
from ione.
Related Issues (11)
- ione as dependency for cql-rb generate error in fluentd HOT 8
- Sockets disconnects are not discovered when the connection is cut by a middleman (VPN, NAT or other device) HOT 10
- Make the reactor restartable HOT 1
- Ione::Future.all([]) broken
- Performance problems when many timers are scheduled HOT 3
- Reactor dies unexpectedly HOT 4
- Schedule work on next tick
- Future.after can lead to stack overflow errors with completed futures
- EAGAIN / EWOULDBLOCK Error HOT 3
- Issue with cassandra ruby driver, timecop and ione HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ione.