```

47757 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551417
47758 2020/05/07 06:37:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47759 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47760 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47761 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47762 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47763 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47764 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47765 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47766 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47767 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47768 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47769 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47770 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47771 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47772 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47773 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47774 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47775 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47776 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47777 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47778 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47779 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47780 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47781 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47782 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47783 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47784 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer del: 11: 15581551413
47785 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer add: 11: 60000:15581551957
47786 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47787 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47788 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47789 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47790 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47791 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47792 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47793 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47794 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47795 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47796 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47797 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47798 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957

```

https://github.com/nginx/nginx/blob/2187586207e1465d289ae64cedc829719a048a39/src/http/ngx_http_upstream.c

https://github.com/nginx/nginx/blob/4bf4650f2f10f7bbacfe7a33da744f18951d416d/src/core/ngx_log.h

```
#if (NGX_DEBUG)

#if (NGX_HAVE_VARIADIC_MACROS)

#define ngx_log_debug0(level, log, err, fmt) \
ngx_log_debug(level, log, err, fmt)

#define ngx_log_debug1(level, log, err, fmt, arg1)
```

https://github.com/nginx/nginx/blob/fb34316d68511bd0986d3153dfea93d21363016d/src/event/ngx_event_openssl.c

sslerr = SSL_get_error(c->ssl->connection, n);

ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr);

openssl/ssl_lib.c at 35774d5594af9beeb73792742b7ed901d202be70 · openssl/openssl https://github.com/openssl/openssl/blob/35774d5594af9beeb73792742b7ed901d202be70/ssl/ssl_lib.c

int SSL_get_error(const SSL *s, int i)
{
int reason;
unsigned long l;
BIO *bio;

if (i > 0)
return SSL_ERROR_NONE;

/*
* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
* where we do encode the error
*/
if ((l = ERR_peek_error()) != 0) {
if (ERR_GET_LIB(l) == ERR_LIB_SYS)
return SSL_ERROR_SYSCALL;
else
return SSL_ERROR_SSL;
}

if (SSL_want_read(s)) {
bio = SSL_get_rbio(s);
if (BIO_should_read(bio))
return SSL_ERROR_WANT_READ;
else if (BIO_should_write(bio))
/*
* This one doesn't make too much sense ... We never try to write
* to the rbio, and an application program where rbio and wbio
* are separate couldn't even know what it should wait for.
* However if we ever set s->rwstate incorrectly (so that we have
* SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
* wbio *are* the same, this test works around that bug; so it
* might be safer to keep it.
*/
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL; /* unknown */
}
}

if (SSL_want_write(s)) {
/* Access wbio directly - in order to use the buffered bio if present */
bio = s->wbio;
if (BIO_should_write(bio))
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_read(bio))
/*
* See above (SSL_want_read(s) with BIO_should_write(bio))
*/
return SSL_ERROR_WANT_READ;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL;
}
}
if (SSL_want_x509_lookup(s))
return SSL_ERROR_WANT_X509_LOOKUP;
if (SSL_want_async(s))
return SSL_ERROR_WANT_ASYNC;
if (SSL_want_async_job(s))
return SSL_ERROR_WANT_ASYNC_JOB;
if (SSL_want_client_hello_cb(s))
return SSL_ERROR_WANT_CLIENT_HELLO_CB;

if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
(s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY))
return SSL_ERROR_ZERO_RETURN;

return SSL_ERROR_SYSCALL;
}

https://github.com/openssl/openssl/blob/e908f292de6383c5d4dbece9381b523d4ce41c69/include/openssl/ssl.h

```
# define SSL_ERROR_NONE 0
# define SSL_ERROR_SSL 1
# define SSL_ERROR_WANT_READ 2
# define SSL_ERROR_WANT_WRITE 3
# define SSL_ERROR_WANT_X509_LOOKUP 4
# define SSL_ERROR_SYSCALL 5/* look at error stack/return
* value/errno */
# define SSL_ERROR_ZERO_RETURN 6
# define SSL_ERROR_WANT_CONNECT 7
# define SSL_ERROR_WANT_ACCEPT 8
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
```

openssl/bio.h at 852c2ed260860b6b85c84f9fe96fb4d23d49c9f2 · openssl/openssl https://github.com/openssl/openssl/blob/852c2ed260860b6b85c84f9fe96fb4d23d49c9f2/include/openssl/bio.h

```
/* These should be used by the application to tell why we should retry */
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
```

SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.

SSL_get_error https://www.ibm.com/support/knowledgecenter/en/SSB23S_1.1.0.14/gtpc2/cpp_ssl_get_error.html

ssl
A pointer to a token returned on the SSL_new call.
ret
The return code from the previous SSL API call.

Normal return

Returns one of the following values:
SSL_ERROR_NONE
No error to report. This is set when the value of the ret parameter is greater than 0.
SSL_ERROR_SSL
An error occurred in the SSL library.
SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.
SSL_ERROR_WANT_WRITE
Processing was not completed successfully because the socket associated with the SSL session is blocked from sending data. Try the function again at a later time.
SSL_ERROR_SYSCALL
An I/O error occurred. Issue the sock_errno function to determine the cause of the error.
SSL_ERROR_ZERO_RETURN
The remote application shut down the SSL connection normally. Issue the SSL_shutdown function to shut down data flow for an SSL session.
SSL_ERROR_WANT_CONNECT
Processing was not completed successfully because the SSL session was in the process of starting the session, but it has not completed yet. Try the function again at a later time.

Error return

None.

Programming considerations

  • To use this function, you must include the library specified in the prototype in your makefile.
  • If an SSL API call results in an error return code, issue the SSL_get_error function for the following functions to obtain the reason for the error:
    • SSL_accept
    • SSL_connect
    • SSL_read
    • SSL_shutdown
    • SSL_write.
  • Do not use errno or the sock_errno function to determine the cause of an SSL API error. Instead, you must use the SSL_get_error function. However, if you received the SSL_ERROR_SYSCALL return code after issuing the SSL_get_error function, it is appropriate to use the sock_errno function.

TLS 1.3: SSL_ERROR_WANT_READ after the first SSL_read after handshake, but no more data available · Issue #7327 · openssl/openssl https://github.com/openssl/openssl/issues/7327

openssl/SSL_get_error.pod at master · openssl/openssl https://github.com/openssl/openssl/blob/master/doc/man3/SSL_get_error.pod

SSL_ERROR_WANT_READ的更多相关文章

  1. 非阻塞/异步(epoll) openssl

    前段时间在自己的异步网络框架handy中添加openssl的支持,当时在网络上搜索了半天也没有找到很好的例子,后来自己慢慢的摸索,耗费不少时间,终于搞定.因此把相关的资料整理一下,并给出简单的例子,让 ...

  2. openssl 使用非阻塞 bio

    序 在项目中需要访问 https 加密的网页,为了保证并发性,需要用到非阻塞的 socket,搜索发现,这种使用场景的相关介绍不是很多,所以这里记录一下使用的过程. 在项目中,所使用的 ssl 库是老 ...

  3. https大势已来?看腾讯专家如何在高并发压测中支持https

    WeTest 导读 用epoll编写一个高并发网络程序是很常见的任务,但在epoll中加入ssl层的支持则是一个不常见的场景.腾讯WeTest服务器压力测产品,在用户反馈中收到了不少支持https协议 ...

  4. 基于OpenSSL的HTTPS通信C++实现

      HTTPS是以安全为目标的HTTP通道,简单讲是HTTP的安全版.即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL.Nebula是一个为开发者提供一个快速开发 ...

  5. 回首C语言关键字(~回首向来萧瑟处~)

    开篇废话: 本文意在回顾 C 语言中的关键字,整理文件发现当时做的这些笔记还是蛮用心的,有临摹 前辈的足迹也有自己的理解和体会.时至今日2018已经跨过一半,对不起过去半年,今天 拿这篇关键字开篇,开 ...

  6. 在libuv中使用openssl建立ssl连接

    在libuv中使用openssl建立ssl连接 @(blogs) 使用openssl进行加密通信时,通常是先建立socket连接,然后使用SSL_XXX系列函数在普通socket之上建立安全连接,然后 ...

  7. GSOAP服务卡住?

    很久以前参考了https://www.genivia.com/doc/soapdoc2.html 中的一段: How to Create a Multi-Threaded Stand-Alone Se ...

  8. C++ windows客户端支持SSL双向认证

    C++ windows客户端支持SSL双向认证,服务端是JAVA开发的,使用的证书是jks格式的.C++并不支持JKS格式的证书,所以要用openssl进行转换下. 1. 需要先把jks转成.p12文 ...

  9. nginx&http 第五章 https non-fd 读写检测

    EPOLL的LT/ET 模式下的读写 从一个非阻塞的socket上调用recv/send函数, 返回EAGAIN或者EWOULDBLOCK(注: EAGAIN就是EWOULDBLOCK)从字面上看, ...

随机推荐

  1. VS挂接崩溃包

    主要用来在用户机器上对目标进程生成dump文件,定位"卡死".Crash等问题.推荐相关工具DumpTool,WinCrashReport. DumpTool 下载 WinCras ...

  2. mysql中sql行列转换

    1.列转行 select class_id,MAX(CASE kemu when '语文' then score ELSE 0 end)as '语文' ,MAX(CASE kemu when '数学' ...

  3. 多维数组遍历.php

    $a=array('fruits'=>array('a'=>'orange','b'=>'grape','c'=>'apple'),     'numbers'=>arr ...

  4. kaggle入门题Titanic

    集成开发环境:Pycharm python版本:2.7(anaconda库) 用到的库:科学计算库numpy,数据分析包pandas,画图包matplotlib,机器学习库sklearn 大体步骤分为 ...

  5. docker 使用教程1

    1.概念理解 镜像:docker镜像就像一个个模具. 容器:docker容器就是模具翻模出来的东西. 仓库:仓库就是存放模具的地方. 下面通过运行 hello-world 来理解 docker镜像运行 ...

  6. ASP.NET Core路由中间件[3]: 终结点(Endpoint)

    到目前为止,ASP.NET Core提供了两种不同的路由解决方案.传统的路由系统以IRouter对象为核心,我们姑且将其称为IRouter路由.本章介绍的是最早发布于ASP.NET Core 2.2中 ...

  7. java操作HDFS相关demo(TDH,kerberos认证)

    public class Test {     private static Configuration conf;     private static FileSystem fs;     //开 ...

  8. 孟德尔随机化(Mendelian Randomization) 统计功效(power)和样本量计算

    孟德尔随机化(Mendelian Randomization) 统计功效(power)和样本量计算 1 统计功效(power)概念 统计功效(power)指的是在原假设为假的情况下,接受备择假设的概率 ...

  9. netcore.ydal可能是东半球最好ORM框架

    typora-copy-images-to: static ydal 项目框架介绍 可能是东半球最好netcore ORM框架,目前暂时支持mysql.mssql,其核心设计目标是开发迅速.学习简单. ...

  10. 数仓面试高频考点--解决hive小文件过多问题

    本文首发于公众号:五分钟学大数据 小文件产生原因 hive 中的小文件肯定是向 hive 表中导入数据时产生,所以先看下向 hive 中导入数据的几种方式 直接向表中插入数据 insert into ...