nginx: src/event/ngx_event_openssl.c comparison

comparison src/event/ngx_event_openssl.c @ 7584:9d2ad2fb4423

SSL: available bytes handling (ticket #1431). Added code to track number of bytes available in the socket. This makes it possible to avoid looping for a long time while working with fast enough peer when data are added to the socket buffer faster than we are able to read and process data. When kernel does not provide number of bytes available, it is retrieved using ioctl(FIONREAD) as long as a buffer is filled by SSL_read(). It is assumed that number of bytes returned by SSL_read() is close to the number of bytes read from the socket, as we do not use SSL compression. But even if it is not true for some reason, this is not important, as we post an additional reading event anyway. Note that data can be buffered at SSL layer, and it is not possible to simply stop reading at some point and wait till the event will be reported by the kernel again. This can be only done when there are no data in SSL buffers, and there is no good way to find out if it's the case. Instead of trying to figure out if SSL buffers are empty, this patch introduces events posted for the next event loop iteration - such events will be processed only on the next event loop iteration, after going into the kernel and retrieving additional events. This seems to be simple and reliable approach.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Thu, 17 Oct 2019 16:02:24 +0300
parents	70749256af79
children	1ce3f01a4355

comparison

equal deleted inserted replaced

-:efd71d49bde0
+:9d2ad2fb4423
 static ssize_t ngx_ssl_recv_early(ngx_connection_t *c, u_char *buf,
 size_t size);
 #endif
 static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n);
 static void ngx_ssl_write_handler(ngx_event_t *wev);
+static void ngx_ssl_next_read_handler(ngx_event_t *rev);
 #ifdef SSL_READ_EARLY_DATA_SUCCESS
 static ssize_t ngx_ssl_write_early(ngx_connection_t *c, u_char *data,
 size_t size);
 #endif
 static void ngx_ssl_read_handler(ngx_event_t *rev);
 size -= n;
 if (size == 0) {
 c->read->ready = 1;
+if (c->read->available >= 0) {
+c->read->available -= bytes;
+/*
+* there can be data buffered at SSL layer,
+* so we post an event to continue reading on the next
+* iteration of the event loop
+*/
+if (c->read->available < 0) {
+c->read->available = 0;
+c->read->ready = 0;
+if (c->ssl->next_read_handler == NULL) {
+c->ssl->next_read_handler = c->read->handler;
+c->read->handler = ngx_ssl_next_read_handler;
+}
+ngx_post_event(c->read, &ngx_posted_next_events);
+}
+ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+"SSL_read: avail:%d", c->read->available);
+} else {
+#if (NGX_HAVE_FIONREAD)
+if (ngx_socket_nread(c->fd, &c->read->available) == -1) {
+c->read->error = 1;
+ngx_connection_error(c, ngx_socket_errno,
+ngx_socket_nread_n " failed");
+return NGX_ERROR;
+}
+ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+"SSL_read: avail:%d", c->read->available);
+#endif
+}
 return bytes;
 }
 buf += n;
 c = wev->data;
 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL write handler");
 c->read->handler(c->read);
+}
+static void
+ngx_ssl_next_read_handler(ngx_event_t *rev)
+{
+ngx_connection_t  *c;
+c = rev->data;
+ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL next read handler");
+rev->handler = c->ssl->next_read_handler;
+c->ssl->next_read_handler = NULL;
+if (!rev->ready) {
+rev->ready = 1;
+rev->available = -1;
+}
+if (rev->posted) {
+ngx_delete_posted_event(rev);
+}
+rev->handler(rev);
 }
 /*
 * OpenSSL has no SSL_writev() so we copy several bufs into our 16K buffer

Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 7584:9d2ad2fb4423