[PYTHON-CRYPTO] m2crypto - close_wait when running echod_async
Ng Pheng Siong
ngps at POST1.COM
Fri Jun 25 19:43:11 CEST 2004
On Wed, Jun 23, 2004 at 04:03:28PM +0200, Andre Reitz wrote:
> is it legal to use the standard select method on the underlying socket of a
> m2crypto SSL.Connection Object,
> or are there problems bacause of the ssl-protocol lying on the socket?
Ah, I misread your question earlier. Yes it is okay to use select to
test the underlying socket. However, you must use SSL's read/write
functions (i.e., SSL.Connection's read/write methods) when select indicates
the socket is readable/writeable respectively.
This is because the SSL protocol adds crypto overhead to your data; when
select reports that the socket is writeable, say, SSL might need to _read_
and write stuff over the wire that is SSL-specific and has nothing to do
with your data, and the SSL functions handle this properly.
Also take a look at contrib/dave.README, from Dave Brueck in 2002:
The ssl_connect, ssl_read_nbio, etc. calls don't differentiate between
SSL_ERROR_WANT_WRITE and SSL_ERROR_WANT_READ when a non-blocking call
couldn't finish. But without this information, I don't know whether the
socket needs to do more reading or more writing before a subsequent
attempt will work without blocking. The demo applications (e.g.
echod-async.py) don't seem to care about this but they get around it by
simply trying the operation over and over again, which I can't do for
I use ZServerSSL over the net and haven't encountered any performance
problems. I was asking Dave if he has more info on the improvement in
performance, but our email conversation kinda petered out.
Ng Pheng Siong <ngps at netmemetic.com>
http://firewall.rulemaker.net -+- Firewall Version Control
http://sandbox.rulemaker.net/ngps -+- M2Crypto, ZServerSSL/Zope, Blog
More information about the python-crypto