BIO Series 8 in openssl --- read/write error control, openssl8 ---

BIO Series 8 in openssl --- read/write error control, openssl8 ---

Read/write error control

--- Based on openssl doc/crypto/bio/bio_should_retry.pod translation and your own understanding, write

By DragonKing Mail: wzhah@263.net published on: open http://gdwzh.126.com

Ssl Professional Forum)

When the BIO_read or BIO_write function call fails, BIO itself provides a set of error diagnostics.

Function. They are defined as follows (openssl/bio. h ):

# Define BIO_should_read (a)-> flags & BIO_FLAGS_READ)

# Define BIO_should_write (a)-> flags & BIO_FLAGS_WRITE)

# Define BIO_should_io_special (a)-> flags & BIO_FLAGS_IO_SPECIAL)

# Define BIO_retry_type (a)-> flags & BIO_FLAGS_RWS)

# Define BIO_should_retry (a)-> flags & BIO_FLAGS_SHOULD_RETRY)

# Define BIO_FLAGS_READ 0x01

# Define BIO_FLAGS_WRITE 0x02

# Define BIO_FLAGS_IO_SPECIAL 0x04

# Define BIO_FLAGS_RWS (BIO_FLAGS_READ | BIO_FLAGS_WRITE | BIO_FLAGS_IO_SPEC

IAL)

# Define BIO_FLAGS_SHOULD_RETRY 0x08

BIO * BIO_get_retry_BIO (BIO * bio, int * reason );

Int BIO_get_retry_reason (BIO * bio );

Because these functions are used to determine why BIO cannot read or write data while reading and writing data

They are also called after the BIO_read or BIO_write operation is executed.

[BIO_should_retry]

If a read/write error occurs when the program needs to retry later, the function returns true. If the function returns f

Alse. In this case, the determination of the error is determined based on the BIO type and the BIO operation return value. For example

If the BIO_read operation is called for BIO of the socket type and the return value is 0, BIO_should_retry returns fa

Lse indicates that the socket connection is closed. If this is the case for file type BIO, it means

Read the file eof. Some BIO types also provide more error information. For details, refer to their respective descriptions.

 

If the underlying I/O structure of BIO is in blocking mode, almost all BIO types (except for SSL BIO) are not

Will return the retry situation (that is to say, calling BIO_should_retry will not return true), because at this time the lower layer

I/O calls are not performed at all. Therefore, it is recommended that if your application can determine that BIO type is performing IO operations

Do not call the BIO_should_retry function when no retry occurs. This is true for file type BIO.

A typical example.

The BIO of the SSL type is the only exception of the above rules. That is to say, in the block I/O structure, if

When BIO_read is called, a handshake occurs, and it also returns a retry request (calling BIO_should_r

Etry returns true ). In this case, the application can immediately re-execute the failed I/O operation, or

Set SSL_MODE_AUTO_RETRY in the I/O structure of the layer to avoid this failure.

If the application fails to call the IO operation in non-blocking BIO immediately, the efficiency may be low.

Because the call will return repeated failure results before the data can be read or valid. Therefore, normal applications should

After the required conditions are met, the program executes relevant calls.

Structure. For example, if an underlying IO is a soket and BIO_should_retry returns true

You can call select () to retry IO operations after the data is valid. In a thread, you can use

Select () to process multiple non-blocking BIO, however, the execution efficiency may be very low, compared

For example, if one of the SSL Type BIO with a long delay occurs during handshake.

In a blocking I/O structure, reading data may result in an indefinite blocking.

. We certainly don't expect this to happen. One of the solutions is to try to use non-blocking

Type IO structure and use the select function (or equivalent) to set the wait time.

[BIO_should_read]

This function returns true. If the cause of IO operation failure is that BIO needs to read data at this time.

[BIO_should_write]

This function returns true. If the cause of IO operation failure is that BIO needs to write data at this time.

[BIO_should_io_special]

This function returns true if the cause of IO operation failure is special (that is, the reason beyond read/write)

[BIO_get_retry_reason]

Returns the cause of failure. The Code includes BIO_FLAGS_READ, BIO_FLAGS_WRITE, and BIO_FLAGS_IO _

SPECIAL. The current BIO type only returns one of them. If the input BIO is BIO with special errors,

The error code returned by this function is the same as the reason returned by BIO_get_retry_BIO.

[BIO_get_retry_BIO]

This function provides a brief error cause in special cases. It returns the faulty BIO. If the reason is not set to N

It contains the error code, the meaning of the error code, and the measures to be taken in the next step.

In this case, depending on the type of BIO.