SSL读取和SSL同时写入 [英] SSL read and SSL write simultaneously

问题描述

我有两个线程， mainThread 和 recvThread 。

在 recvThread ，我调用 SSL_read（ssl，readBuffer，sizeof（readBuffer）） 。这阻塞了线程，直到接收到数据。

On recvThread, I call SSL_read(ssl, readBuffer, sizeof(readBuffer)). This blocks the thread until data is received.

然后，在 mainThread 我得到通知，需要发送一些数据。所以，我调用 SSL_write（ssl，someData，sizeof（someData））。

Then, on mainThread I get told that some data needs to be sent. So, I call SSL_write(ssl, someData, sizeof(someData)).

有时，这很好。其他时候，这会失败与wierd内部错误消息。我的猜想是，我不能调用SSL_write，而SSL_read发生在相同的 ssl 上下文。这对我来说很有意义，但是如何解决呢？

Sometimes, this works fine. Other times, this fails with wierd internal error messages. My guess is that I can't call SSL_write whilst an SSL_read is occurring on the same ssl context. This makes total sense to me, but how do I fix it?

我使 recvThread 执行类似的操作：

SSL * ssl;
std::string data;
boost::mutex dataMutex;

while (recvThreadShouldBeRunning) {
    char readBuffer[100];
    auto nRead = SSL_read(ssl, readBuffer, sizeof(readBuffer)); //Non-blocking call to SSL_read.

    // Do something with nRead (handle errors, use data)

    {
        auto dataLock = boost::unique_lock<boost::mutex>(dataMutex);
        if (data.length() > 0)
        {
            SSL_write(ssl, data.c_str(), data.length());
        }
    }
    sleep(50);
}

然后当我需要发送...

and then when I need to send something...

{
    auto dataLock = boost::unique_lock<boost::mutex>(dataMutex);
    data = "some data";
}

这似乎可以工作，但我认为这是一个相当难看的解决方案对我的问题。是否有办法以某种方式 SSL_lock（） SSL_wait_on_data（） SSL_unlock c $ c>？

This seems like it will work, but I think it is a rather ugly solution to my problem. Is there a way to somehow SSL_lock() SSL_wait_on_data() SSL_unlock()? Or is this the best way to go about it?

这种问题的标准方法是什么？

What is the standard way to go about this sort of problem?

感谢您的时间。

推荐答案

文档中的引文似乎包含了答案：

The quote from the documentation seems to contain the answer:

OpenSSL可以安全地用于多线程应用程序，前提是至少设置了两个回调函数：locking_function和threadid_func。

OpenSSL can safely be used in multi-threaded applications provided that at least two callback functions are set, locking_function and threadid_func.

locking_function（int mode，int n，const char * file，int line）来锁定共享数据结构。 （注意，OpenSSL使用多个全局数据结构，每当多个线程使用OpenSSL时，它们将被隐式共享。）如果未设置，多线程应用程序将随机崩溃。

locking_function(int mode, int n, const char *file, int line) is needed to perform locking on shared data structures. (Note that OpenSSL uses a number of global data structures that will be implicitly shared whenever multiple threads use OpenSSL.) Multi-threaded applications will crash at random if it is not set.

locking_function（）必须能够处理最多 CRYPTO_num_locks（）不同的互斥锁。它设置第n个锁如果 mode & CRYPTO_LOCK ，否则将其释放。

locking_function() must be able to handle up to CRYPTO_num_locks() different mutex locks. It sets the n-th lock if mode & CRYPTO_LOCK, and releases it otherwise.

行是设置锁定的函数的文件编号。它们可用于调试。

file and line are the file number of the function setting the lock. They can be useful for debugging.

- 主题 - OpenSSL 。

使用锁定相关函数（github）的示例：

crypto / threads / mttest.c显示了Solaris，Irix和Win32上的回调函数的示例。

crypto/threads/mttest.c shows examples of the callback functions on Solaris, Irix and Win32.

- 主题 - OpenSSL 。

这篇关于SSL读取和SSL同时写入的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！