```

47757 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551417
47758 2020/05/07 06:37:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47759 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47760 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47761 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47762 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47763 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47764 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47765 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47766 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47767 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47768 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47769 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47770 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47771 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47772 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47773 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47774 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47775 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47776 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47777 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47778 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47779 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47780 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47781 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47782 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47783 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47784 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer del: 11: 15581551413
47785 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer add: 11: 60000:15581551957
47786 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47787 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47788 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47789 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47790 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47791 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47792 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47793 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47794 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47795 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47796 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47797 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47798 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957

```

https://github.com/nginx/nginx/blob/2187586207e1465d289ae64cedc829719a048a39/src/http/ngx_http_upstream.c

https://github.com/nginx/nginx/blob/4bf4650f2f10f7bbacfe7a33da744f18951d416d/src/core/ngx_log.h

```
#if (NGX_DEBUG)

#if (NGX_HAVE_VARIADIC_MACROS)

#define ngx_log_debug0(level, log, err, fmt) \
ngx_log_debug(level, log, err, fmt)

#define ngx_log_debug1(level, log, err, fmt, arg1)
```

https://github.com/nginx/nginx/blob/fb34316d68511bd0986d3153dfea93d21363016d/src/event/ngx_event_openssl.c

sslerr = SSL_get_error(c->ssl->connection, n);

ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr);

openssl/ssl_lib.c at 35774d5594af9beeb73792742b7ed901d202be70 · openssl/openssl https://github.com/openssl/openssl/blob/35774d5594af9beeb73792742b7ed901d202be70/ssl/ssl_lib.c

int SSL_get_error(const SSL *s, int i)
{
int reason;
unsigned long l;
BIO *bio;

if (i > 0)
return SSL_ERROR_NONE;

/*
* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
* where we do encode the error
*/
if ((l = ERR_peek_error()) != 0) {
if (ERR_GET_LIB(l) == ERR_LIB_SYS)
return SSL_ERROR_SYSCALL;
else
return SSL_ERROR_SSL;
}

if (SSL_want_read(s)) {
bio = SSL_get_rbio(s);
if (BIO_should_read(bio))
return SSL_ERROR_WANT_READ;
else if (BIO_should_write(bio))
/*
* This one doesn't make too much sense ... We never try to write
* to the rbio, and an application program where rbio and wbio
* are separate couldn't even know what it should wait for.
* However if we ever set s->rwstate incorrectly (so that we have
* SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
* wbio *are* the same, this test works around that bug; so it
* might be safer to keep it.
*/
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL; /* unknown */
}
}

if (SSL_want_write(s)) {
/* Access wbio directly - in order to use the buffered bio if present */
bio = s->wbio;
if (BIO_should_write(bio))
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_read(bio))
/*
* See above (SSL_want_read(s) with BIO_should_write(bio))
*/
return SSL_ERROR_WANT_READ;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL;
}
}
if (SSL_want_x509_lookup(s))
return SSL_ERROR_WANT_X509_LOOKUP;
if (SSL_want_async(s))
return SSL_ERROR_WANT_ASYNC;
if (SSL_want_async_job(s))
return SSL_ERROR_WANT_ASYNC_JOB;
if (SSL_want_client_hello_cb(s))
return SSL_ERROR_WANT_CLIENT_HELLO_CB;

if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
(s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY))
return SSL_ERROR_ZERO_RETURN;

return SSL_ERROR_SYSCALL;
}

https://github.com/openssl/openssl/blob/e908f292de6383c5d4dbece9381b523d4ce41c69/include/openssl/ssl.h

```
# define SSL_ERROR_NONE 0
# define SSL_ERROR_SSL 1
# define SSL_ERROR_WANT_READ 2
# define SSL_ERROR_WANT_WRITE 3
# define SSL_ERROR_WANT_X509_LOOKUP 4
# define SSL_ERROR_SYSCALL 5/* look at error stack/return
* value/errno */
# define SSL_ERROR_ZERO_RETURN 6
# define SSL_ERROR_WANT_CONNECT 7
# define SSL_ERROR_WANT_ACCEPT 8
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
```

openssl/bio.h at 852c2ed260860b6b85c84f9fe96fb4d23d49c9f2 · openssl/openssl https://github.com/openssl/openssl/blob/852c2ed260860b6b85c84f9fe96fb4d23d49c9f2/include/openssl/bio.h

```
/* These should be used by the application to tell why we should retry */
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
```

SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.

SSL_get_error https://www.ibm.com/support/knowledgecenter/en/SSB23S_1.1.0.14/gtpc2/cpp_ssl_get_error.html

ssl
A pointer to a token returned on the SSL_new call.
ret
The return code from the previous SSL API call.

Normal return

Returns one of the following values:
SSL_ERROR_NONE
No error to report. This is set when the value of the ret parameter is greater than 0.
SSL_ERROR_SSL
An error occurred in the SSL library.
SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.
SSL_ERROR_WANT_WRITE
Processing was not completed successfully because the socket associated with the SSL session is blocked from sending data. Try the function again at a later time.
SSL_ERROR_SYSCALL
An I/O error occurred. Issue the sock_errno function to determine the cause of the error.
SSL_ERROR_ZERO_RETURN
The remote application shut down the SSL connection normally. Issue the SSL_shutdown function to shut down data flow for an SSL session.
SSL_ERROR_WANT_CONNECT
Processing was not completed successfully because the SSL session was in the process of starting the session, but it has not completed yet. Try the function again at a later time.

Error return

None.

Programming considerations

  • To use this function, you must include the library specified in the prototype in your makefile.
  • If an SSL API call results in an error return code, issue the SSL_get_error function for the following functions to obtain the reason for the error:
    • SSL_accept
    • SSL_connect
    • SSL_read
    • SSL_shutdown
    • SSL_write.
  • Do not use errno or the sock_errno function to determine the cause of an SSL API error. Instead, you must use the SSL_get_error function. However, if you received the SSL_ERROR_SYSCALL return code after issuing the SSL_get_error function, it is appropriate to use the sock_errno function.

TLS 1.3: SSL_ERROR_WANT_READ after the first SSL_read after handshake, but no more data available · Issue #7327 · openssl/openssl https://github.com/openssl/openssl/issues/7327

openssl/SSL_get_error.pod at master · openssl/openssl https://github.com/openssl/openssl/blob/master/doc/man3/SSL_get_error.pod

SSL_ERROR_WANT_READ的更多相关文章

  1. 非阻塞/异步(epoll) openssl

    前段时间在自己的异步网络框架handy中添加openssl的支持,当时在网络上搜索了半天也没有找到很好的例子,后来自己慢慢的摸索,耗费不少时间,终于搞定.因此把相关的资料整理一下,并给出简单的例子,让 ...

  2. openssl 使用非阻塞 bio

    序 在项目中需要访问 https 加密的网页,为了保证并发性,需要用到非阻塞的 socket,搜索发现,这种使用场景的相关介绍不是很多,所以这里记录一下使用的过程. 在项目中,所使用的 ssl 库是老 ...

  3. https大势已来?看腾讯专家如何在高并发压测中支持https

    WeTest 导读 用epoll编写一个高并发网络程序是很常见的任务,但在epoll中加入ssl层的支持则是一个不常见的场景.腾讯WeTest服务器压力测产品,在用户反馈中收到了不少支持https协议 ...

  4. 基于OpenSSL的HTTPS通信C++实现

      HTTPS是以安全为目标的HTTP通道,简单讲是HTTP的安全版.即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL.Nebula是一个为开发者提供一个快速开发 ...

  5. 回首C语言关键字(~回首向来萧瑟处~)

    开篇废话: 本文意在回顾 C 语言中的关键字,整理文件发现当时做的这些笔记还是蛮用心的,有临摹 前辈的足迹也有自己的理解和体会.时至今日2018已经跨过一半,对不起过去半年,今天 拿这篇关键字开篇,开 ...

  6. 在libuv中使用openssl建立ssl连接

    在libuv中使用openssl建立ssl连接 @(blogs) 使用openssl进行加密通信时,通常是先建立socket连接,然后使用SSL_XXX系列函数在普通socket之上建立安全连接,然后 ...

  7. GSOAP服务卡住?

    很久以前参考了https://www.genivia.com/doc/soapdoc2.html 中的一段: How to Create a Multi-Threaded Stand-Alone Se ...

  8. C++ windows客户端支持SSL双向认证

    C++ windows客户端支持SSL双向认证,服务端是JAVA开发的,使用的证书是jks格式的.C++并不支持JKS格式的证书,所以要用openssl进行转换下. 1. 需要先把jks转成.p12文 ...

  9. nginx&http 第五章 https non-fd 读写检测

    EPOLL的LT/ET 模式下的读写 从一个非阻塞的socket上调用recv/send函数, 返回EAGAIN或者EWOULDBLOCK(注: EAGAIN就是EWOULDBLOCK)从字面上看, ...

随机推荐

  1. .net MVC 微信公众号 点击菜单拉取消息时的事件推送

    官方文档:https://mp.weixin.qq.com/wiki?t=resource/res_main&id=mp1421141016&token=&lang=zh_CN ...

  2. Java获取X509证书里的指纹(SHA-1)从pxf文件里面

    直接通过流去获取pxf后缀文件的内容,指纹通过X509才能获取.String keyStorefile = "pfx文件地址";String strPassword = " ...

  3. JTable写入数据库内容

    /*JTable中导入数据库数据. 创建2个Vector col和dat col存入字段名 dat存入数据内容. dbname=new JTable(dat,col); */package demo; ...

  4. Java学习日报7.12

    public class HelloWorld{ public static void main(String[] args) { System.out.println("Hello Wro ...

  5. Redis 设计与实现 6:五大数据类型之列表

    列表对象有 3 种编码:ziplist.linkedlist.quicklist. ziplist 和 linkedlist 是 3.2 版本之前的编码. quicklist 是 3.2 版本新增的编 ...

  6. CSDN中的MARKDOWN编辑器如何快速复制粘贴图片?

    前言 我们在使用csdn的markdown编辑器复制其它网站图片,按住ctrl+C复制选择图片,然后按ctrl+V粘贴图片到md编辑器无任何反应!markdown编辑器每次都没法复制粘贴截图! 下面小 ...

  7. Docker之1---介绍和安装

    Docker介绍 Docker是一个开源项目,让应用程序布署在软件货柜下的工作可以自动化进行,借此在Linux操作系统上,提供一个额外的软件抽象层,以及操作系统层虚拟化的自动管理机制. Docker利 ...

  8. 网易163 docker镜像

    $ sudo echo "DOCKER_OPTS=\"--registry-mirror=http://hub-mirror.c.163.com\"" > ...

  9. Sqoop(四)增量导入、全量导入、减量导入

    增量导入 一.说明 当在生产环境中,我们可能会定期从与业务相关的关系型数据库向Hadoop导入数据,导入数仓后进行后续离线分析.这种情况下我们不可能将所有数据重新再导入一遍,所以此时需要数据增量导入. ...

  10. 杭电OJ----1097:一个难题(c++)

    问题描述 lcy给feng5166,lwg,JGShining和Ignatius带来了一个难题:给了a和b,如何知道a ^ b.每个人都反对这个BT问题,所以lcy使问题比开始容易. 这个难题描述了: ...