|
Correct, that's not going to work.
The reason is that the GSKit routines will sometimes need some of the
crypto data used in TLS/SSL to be sent over the network. So select()
will return that the socket is readable, but gsk_secure_soc_read() will
not return any data -- it doesn't return any data because the data was
used internally for TLS/SSL.
In a blocking socket, that means that gsk_secure_soc_read() will block.
In a non-blocking scenario, it means that gsk_secure_soc_read() will
return 0 bytes. And you can potentially call select() -- or poll()
which does the same thing -- many times and and still get 0 bytes.
The best solution I've found is to use blocking sockets, and set
timeouts instead of using select() or poll().
For example, prior to calling gsk_secure_soc_init, do something like this:
rc = gsk_attribute_set_numeric_value(gskSoc, GSK_HANDSHAKE_TIMEOUT,
timeOut / 1000);
rc = gsk_attribute_set_numeric_value(gskSoc, GSK_IBMI_READ_TIMEOUT,
timeOut);
(and check 'rc' for error, etc, as you normally would with GSkit.)
Notice that the handshake timeout is in seconds, whereas the read
timeout is in milliseconds... Easily fixed, but... can lead to weird
results if you don't notice it, lol.
-SK
On 2/13/2024 1:48 PM, Kelly Beard wrote:
I've done some socket programming in my past, and select() has been myin
go-to to prevent hanging reads. Something isn't working in this case.
We've purposely asked the vendor we're sending to to not send a response
order to test our timeout code. That appears to be working, at least onI
their end. My tried-and-true method of ensuring that I don't hang on a
read when there is nothing there, is not. Below is what I have going on.
In essence, select() is returning right away with 1 as though there is
something available, but soc_read() hangs forever until something happens
(several minutes) and the read is terminated.
So, has anyone seen something like this before? Is there another method
can use?iteration.
int amtRead = 0, totalRead = 0, select_rc;
fd_set read_set, write_set, error_set;
struct timeval timeout = { 10, 0 }; // 10 second timeout
FD_ZERO(&read_set);
FD_ZERO(&error_set);
FD_SET(sd, &read_set);
FD_SET(sd, &error_set);
timeout.tv_sec = TV_SEC; // reset this on every new
timeout.tv_usec = 0;&timeout);
do {
if (bDebug) {
CERR2 << "calling select()...\n";
}
select_rc = select(sd + 1, &read_set, NULL, &error_set,
if (bDebug) {rc <<
CERR << "select_rc=" << select_rc << '\n';
}
if (select_rc == 0) { // TIMEOUT
break;
}
else if (select_rc == 1 && FD_ISSET(sd, &read_set)) {
timeout.tv_sec = 0;
timeout.tv_usec = 500000;
//Read via TLS
rc = gsk_secure_soc_read(my_session_handle, buff2,
sizeof(buff2), &amtRead);
if (rc != GSK_OK) {
sstr << "gsk_secure_soc_write() failed with rc = " <<
" (" << gsk_strerror(rc) << "), errno=" << strerror(errno);--
throw runtime_error(sstr.str());
}
// keep an accumualtor going
totalRead += amtRead;
...
code continues...
This is the Bare Metal Programming IBM i (AS/400 and iSeries) (C400-L)
mailing list
To post a message email: C400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/c400-l
or email: C400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/c400-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
