Menu
▾
▴
Re: [TCLCORE] tcltls: unexpected 0-bytes [read], then nothing
|
From: <msc...@po...> - 2024-06-05 15:11:20
|
Hi, just took a short look at the bug description. "Additionally, a still unexplained constant of 16384 bytes plays a role in the pattern." your unexplained 16384 bytes is probably the frame size used by TLS, which is exactly 16kB. I would guess that the fileevent fires, Tcl-TLS then uses the openssl layer to decrypt the received bytes and ends up with a half decoded state, as not enough bytes have been read to emit any cleartext yet, see the state descriptions at https://www.openssl.org/docs/man3.3/man3/SSL_want.html especially SSL_READING. So you might end up with a fileevent that detects the socket is readable, but all the bytes read are consumed to drive the internal OpenSSL CTX state forward, but does not produce any output bytes. The "Head of Line" blocking image here describes the issue: https://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/ No idea how this should be handled properly, guess an empty read has to be expected from a TLS channel and does not signal EOF in that case. Regards, Michael Schlenker Am 05.06.2024 16:08 schrieb elns: > On 6/5/24 15:22, Pietro Cerutti via Tcl-Core wrote: > >> 4. we get a read event on the $sock >> 5. we [read $sock] in the event handler and expect to get a response >> >> Point 5. works fine against a local Redis instance w/o TLS. >> >> When we turn TLS on, we see weird things: >> >> 1. we get a number of read events where [read $sock] returns "" >> 2. sometimes we get meaningful read events afterwards, where a [read >> $sock] returns the expected response >> 3. sometimes we don't get any meaningful read events after the empty >> ones > > Reminds me of: > > https://sourceforge.net/p/tls/bugs/38/ > > Regards, > Erik Leunissen > -- > > >> >> Under the gist, I have included two comments with sample runs against >> my local Redis server and against an intance on upstash.com. You can >> see the randomness of the empty / meaningful responses. >> >> I can provide the output when tcltls is compiled with >> -DTCLEXT_TCLTLS_DEBUG, if anyone wants to take a look. >> >> Any pointers would be appreciated. >> > > > > _______________________________________________ > Tcl-Core mailing list > Tcl...@li... > https://lists.sourceforge.net/lists/listinfo/tcl-core |
