```

47757 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551417
47758 2020/05/07 06:37:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47759 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47760 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47761 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47762 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47763 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47764 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47765 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47766 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47767 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47768 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47769 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47770 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47771 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47772 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47773 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47774 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47775 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47776 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47777 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47778 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47779 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47780 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47781 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47782 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47783 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47784 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer del: 11: 15581551413
47785 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer add: 11: 60000:15581551957
47786 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47787 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47788 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47789 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47790 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47791 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47792 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47793 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47794 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47795 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47796 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47797 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47798 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957

```

https://github.com/nginx/nginx/blob/2187586207e1465d289ae64cedc829719a048a39/src/http/ngx_http_upstream.c

https://github.com/nginx/nginx/blob/4bf4650f2f10f7bbacfe7a33da744f18951d416d/src/core/ngx_log.h

```
#if (NGX_DEBUG)

#if (NGX_HAVE_VARIADIC_MACROS)

#define ngx_log_debug0(level, log, err, fmt) \
ngx_log_debug(level, log, err, fmt)

#define ngx_log_debug1(level, log, err, fmt, arg1)
```

https://github.com/nginx/nginx/blob/fb34316d68511bd0986d3153dfea93d21363016d/src/event/ngx_event_openssl.c

sslerr = SSL_get_error(c->ssl->connection, n);

ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr);

openssl/ssl_lib.c at 35774d5594af9beeb73792742b7ed901d202be70 · openssl/openssl https://github.com/openssl/openssl/blob/35774d5594af9beeb73792742b7ed901d202be70/ssl/ssl_lib.c

int SSL_get_error(const SSL *s, int i)
{
int reason;
unsigned long l;
BIO *bio;

if (i > 0)
return SSL_ERROR_NONE;

/*
* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
* where we do encode the error
*/
if ((l = ERR_peek_error()) != 0) {
if (ERR_GET_LIB(l) == ERR_LIB_SYS)
return SSL_ERROR_SYSCALL;
else
return SSL_ERROR_SSL;
}

if (SSL_want_read(s)) {
bio = SSL_get_rbio(s);
if (BIO_should_read(bio))
return SSL_ERROR_WANT_READ;
else if (BIO_should_write(bio))
/*
* This one doesn't make too much sense ... We never try to write
* to the rbio, and an application program where rbio and wbio
* are separate couldn't even know what it should wait for.
* However if we ever set s->rwstate incorrectly (so that we have
* SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
* wbio *are* the same, this test works around that bug; so it
* might be safer to keep it.
*/
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL; /* unknown */
}
}

if (SSL_want_write(s)) {
/* Access wbio directly - in order to use the buffered bio if present */
bio = s->wbio;
if (BIO_should_write(bio))
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_read(bio))
/*
* See above (SSL_want_read(s) with BIO_should_write(bio))
*/
return SSL_ERROR_WANT_READ;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL;
}
}
if (SSL_want_x509_lookup(s))
return SSL_ERROR_WANT_X509_LOOKUP;
if (SSL_want_async(s))
return SSL_ERROR_WANT_ASYNC;
if (SSL_want_async_job(s))
return SSL_ERROR_WANT_ASYNC_JOB;
if (SSL_want_client_hello_cb(s))
return SSL_ERROR_WANT_CLIENT_HELLO_CB;

if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
(s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY))
return SSL_ERROR_ZERO_RETURN;

return SSL_ERROR_SYSCALL;
}

https://github.com/openssl/openssl/blob/e908f292de6383c5d4dbece9381b523d4ce41c69/include/openssl/ssl.h

```
# define SSL_ERROR_NONE 0
# define SSL_ERROR_SSL 1
# define SSL_ERROR_WANT_READ 2
# define SSL_ERROR_WANT_WRITE 3
# define SSL_ERROR_WANT_X509_LOOKUP 4
# define SSL_ERROR_SYSCALL 5/* look at error stack/return
* value/errno */
# define SSL_ERROR_ZERO_RETURN 6
# define SSL_ERROR_WANT_CONNECT 7
# define SSL_ERROR_WANT_ACCEPT 8
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
```

openssl/bio.h at 852c2ed260860b6b85c84f9fe96fb4d23d49c9f2 · openssl/openssl https://github.com/openssl/openssl/blob/852c2ed260860b6b85c84f9fe96fb4d23d49c9f2/include/openssl/bio.h

```
/* These should be used by the application to tell why we should retry */
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
```

SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.

SSL_get_error https://www.ibm.com/support/knowledgecenter/en/SSB23S_1.1.0.14/gtpc2/cpp_ssl_get_error.html

ssl
A pointer to a token returned on the SSL_new call.
ret
The return code from the previous SSL API call.

Normal return

Returns one of the following values:
SSL_ERROR_NONE
No error to report. This is set when the value of the ret parameter is greater than 0.
SSL_ERROR_SSL
An error occurred in the SSL library.
SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.
SSL_ERROR_WANT_WRITE
Processing was not completed successfully because the socket associated with the SSL session is blocked from sending data. Try the function again at a later time.
SSL_ERROR_SYSCALL
An I/O error occurred. Issue the sock_errno function to determine the cause of the error.
SSL_ERROR_ZERO_RETURN
The remote application shut down the SSL connection normally. Issue the SSL_shutdown function to shut down data flow for an SSL session.
SSL_ERROR_WANT_CONNECT
Processing was not completed successfully because the SSL session was in the process of starting the session, but it has not completed yet. Try the function again at a later time.

Error return

None.

Programming considerations

  • To use this function, you must include the library specified in the prototype in your makefile.
  • If an SSL API call results in an error return code, issue the SSL_get_error function for the following functions to obtain the reason for the error:
    • SSL_accept
    • SSL_connect
    • SSL_read
    • SSL_shutdown
    • SSL_write.
  • Do not use errno or the sock_errno function to determine the cause of an SSL API error. Instead, you must use the SSL_get_error function. However, if you received the SSL_ERROR_SYSCALL return code after issuing the SSL_get_error function, it is appropriate to use the sock_errno function.

TLS 1.3: SSL_ERROR_WANT_READ after the first SSL_read after handshake, but no more data available · Issue #7327 · openssl/openssl https://github.com/openssl/openssl/issues/7327

openssl/SSL_get_error.pod at master · openssl/openssl https://github.com/openssl/openssl/blob/master/doc/man3/SSL_get_error.pod

SSL_ERROR_WANT_READ的更多相关文章

  1. 非阻塞/异步(epoll) openssl

    前段时间在自己的异步网络框架handy中添加openssl的支持,当时在网络上搜索了半天也没有找到很好的例子,后来自己慢慢的摸索,耗费不少时间,终于搞定.因此把相关的资料整理一下,并给出简单的例子,让 ...

  2. openssl 使用非阻塞 bio

    序 在项目中需要访问 https 加密的网页,为了保证并发性,需要用到非阻塞的 socket,搜索发现,这种使用场景的相关介绍不是很多,所以这里记录一下使用的过程. 在项目中,所使用的 ssl 库是老 ...

  3. https大势已来?看腾讯专家如何在高并发压测中支持https

    WeTest 导读 用epoll编写一个高并发网络程序是很常见的任务,但在epoll中加入ssl层的支持则是一个不常见的场景.腾讯WeTest服务器压力测产品,在用户反馈中收到了不少支持https协议 ...

  4. 基于OpenSSL的HTTPS通信C++实现

      HTTPS是以安全为目标的HTTP通道,简单讲是HTTP的安全版.即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL.Nebula是一个为开发者提供一个快速开发 ...

  5. 回首C语言关键字(~回首向来萧瑟处~)

    开篇废话: 本文意在回顾 C 语言中的关键字,整理文件发现当时做的这些笔记还是蛮用心的,有临摹 前辈的足迹也有自己的理解和体会.时至今日2018已经跨过一半,对不起过去半年,今天 拿这篇关键字开篇,开 ...

  6. 在libuv中使用openssl建立ssl连接

    在libuv中使用openssl建立ssl连接 @(blogs) 使用openssl进行加密通信时,通常是先建立socket连接,然后使用SSL_XXX系列函数在普通socket之上建立安全连接,然后 ...

  7. GSOAP服务卡住?

    很久以前参考了https://www.genivia.com/doc/soapdoc2.html 中的一段: How to Create a Multi-Threaded Stand-Alone Se ...

  8. C++ windows客户端支持SSL双向认证

    C++ windows客户端支持SSL双向认证,服务端是JAVA开发的,使用的证书是jks格式的.C++并不支持JKS格式的证书,所以要用openssl进行转换下. 1. 需要先把jks转成.p12文 ...

  9. nginx&http 第五章 https non-fd 读写检测

    EPOLL的LT/ET 模式下的读写 从一个非阻塞的socket上调用recv/send函数, 返回EAGAIN或者EWOULDBLOCK(注: EAGAIN就是EWOULDBLOCK)从字面上看, ...

随机推荐

  1. 怎么判断map不为空

    public static void main(String[] args) { Map<String, String> map = new HashMap<String, Stri ...

  2. 【wp】2020XCTF_逆向

    前几天的XCTF最后一场终于打完了,三场比赛下来对逆向部分的大概感觉是从第一场的啥都不会做(一道lua+一道apk)到后来的终于能有参与度,至少后两场的题目都是pc逆向,虽然特殊架构但好歹能做(tcl ...

  3. IDEA中配置Git,在Github上clone项目到IDEA

    一.安装git 1.用homebrew安装git 运行以下命令安装 brew install git 默认的安装位置是 /usr/local/Cellar目录中(后面会用到) 二.在idea中配置Gi ...

  4. SpringMVC的@Validated校验注解使用方法

    validate会对参数进行校验,校验标准为validate后的类中的标准.本例中对User进行校验,User类中设置了校验标准. 在后台开发过程中,对参数的校验成为开发环境不可缺少的一个环节.比如参 ...

  5. Java8接口的默认方法

    项目实战 实现上图接口的实现类有很多,其中有些实现类已经在生成环境了,现在需要新增几个实现类,都需要有回调方法,所以在接口中添加了一个回调的默认方法,如果使用接口的普通方法就得改所有实现了接口的实现类 ...

  6. html 垂直并列显示

    笔者在制作登陆网页的时候,发现让input居中十分困难,笔者在网上搜了好久都没有结果,所以就想出了一个硬核的纯html的解决方法 直接上代码: <div style="text-ali ...

  7. Salesforce 大数据量处理篇(二)Index

    本篇参考: https://developer.salesforce.com/docs/atlas.en-us.202.0.salesforce_large_data_volumes_bp.meta/ ...

  8. 【模拟】P1143进制转换

    题目相关 题目描述 请你编一程序实现两种不同进制之间的数据转换. 输入格式 共三行,第一行是一个正整数,表示需要转换的数的进制n(2≤n≤16),第二行是一个n进制数,若n>10则用大写字母A- ...

  9. Linux下的screen和作业任务管理

    一.screen 首先介绍下screen,screen是Linux下的一个任务容器,开启了之后就可以让任务在后台执行而不会被网络中断或者是终端退出而影响到. 在Linux中有一些耗时比较久的操作(例如 ...

  10. python中环境变量的使用

    前言 之前就经常用,今天来凑个篇数. 在开发的过程中,我们经常会将代码中某些可能更改的,比如redis地址,数据库地址,限流阈值等参数写活来提高灵活性, 传统的方式可能是写在配置文件中,比如 xml ...