```

47757 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551417
47758 2020/05/07 06:37:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47759 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47760 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47761 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47762 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47763 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47764 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47765 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47766 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47767 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47768 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47769 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47770 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47771 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47772 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47773 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47774 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47775 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47776 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47777 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551413, new: 15581551625
47778 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47779 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47780 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: 28
47781 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_read: -1
47782 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_get_error: 2
47783 2020/05/07 06:36:04 [debug] 19413#19413: *23421 send: fd:11 28 of 28
47784 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer del: 11: 15581551413
47785 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer add: 11: 60000:15581551957
47786 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http run request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47787 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47788 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47789 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47790 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:1
47791 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: eof:0, avail:1
47792 2020/05/07 06:36:04 [debug] 19413#19413: *23421 recv: fd:11 65 of 4096
47793 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL to write: 65
47794 2020/05/07 06:36:04 [debug] 19413#19413: *23421 SSL_write: 65
47795 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957
47796 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream request: "/ws/base/?tid=3&tkn=e64c5aa4-7534-4f2d-84f9-005bd4498bf2"
47797 2020/05/07 06:36:04 [debug] 19413#19413: *23421 http upstream process upgraded, fu:0
47798 2020/05/07 06:36:04 [debug] 19413#19413: *23421 event timer: 11, old: 15581551957, new: 15581551957

```

https://github.com/nginx/nginx/blob/2187586207e1465d289ae64cedc829719a048a39/src/http/ngx_http_upstream.c

https://github.com/nginx/nginx/blob/4bf4650f2f10f7bbacfe7a33da744f18951d416d/src/core/ngx_log.h

```
#if (NGX_DEBUG)

#if (NGX_HAVE_VARIADIC_MACROS)

#define ngx_log_debug0(level, log, err, fmt) \
ngx_log_debug(level, log, err, fmt)

#define ngx_log_debug1(level, log, err, fmt, arg1)
```

https://github.com/nginx/nginx/blob/fb34316d68511bd0986d3153dfea93d21363016d/src/event/ngx_event_openssl.c

sslerr = SSL_get_error(c->ssl->connection, n);

ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr);

openssl/ssl_lib.c at 35774d5594af9beeb73792742b7ed901d202be70 · openssl/openssl https://github.com/openssl/openssl/blob/35774d5594af9beeb73792742b7ed901d202be70/ssl/ssl_lib.c

int SSL_get_error(const SSL *s, int i)
{
int reason;
unsigned long l;
BIO *bio;

if (i > 0)
return SSL_ERROR_NONE;

/*
* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
* where we do encode the error
*/
if ((l = ERR_peek_error()) != 0) {
if (ERR_GET_LIB(l) == ERR_LIB_SYS)
return SSL_ERROR_SYSCALL;
else
return SSL_ERROR_SSL;
}

if (SSL_want_read(s)) {
bio = SSL_get_rbio(s);
if (BIO_should_read(bio))
return SSL_ERROR_WANT_READ;
else if (BIO_should_write(bio))
/*
* This one doesn't make too much sense ... We never try to write
* to the rbio, and an application program where rbio and wbio
* are separate couldn't even know what it should wait for.
* However if we ever set s->rwstate incorrectly (so that we have
* SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
* wbio *are* the same, this test works around that bug; so it
* might be safer to keep it.
*/
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL; /* unknown */
}
}

if (SSL_want_write(s)) {
/* Access wbio directly - in order to use the buffered bio if present */
bio = s->wbio;
if (BIO_should_write(bio))
return SSL_ERROR_WANT_WRITE;
else if (BIO_should_read(bio))
/*
* See above (SSL_want_read(s) with BIO_should_write(bio))
*/
return SSL_ERROR_WANT_READ;
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
return SSL_ERROR_WANT_CONNECT;
else if (reason == BIO_RR_ACCEPT)
return SSL_ERROR_WANT_ACCEPT;
else
return SSL_ERROR_SYSCALL;
}
}
if (SSL_want_x509_lookup(s))
return SSL_ERROR_WANT_X509_LOOKUP;
if (SSL_want_async(s))
return SSL_ERROR_WANT_ASYNC;
if (SSL_want_async_job(s))
return SSL_ERROR_WANT_ASYNC_JOB;
if (SSL_want_client_hello_cb(s))
return SSL_ERROR_WANT_CLIENT_HELLO_CB;

if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
(s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY))
return SSL_ERROR_ZERO_RETURN;

return SSL_ERROR_SYSCALL;
}

https://github.com/openssl/openssl/blob/e908f292de6383c5d4dbece9381b523d4ce41c69/include/openssl/ssl.h

```
# define SSL_ERROR_NONE 0
# define SSL_ERROR_SSL 1
# define SSL_ERROR_WANT_READ 2
# define SSL_ERROR_WANT_WRITE 3
# define SSL_ERROR_WANT_X509_LOOKUP 4
# define SSL_ERROR_SYSCALL 5/* look at error stack/return
* value/errno */
# define SSL_ERROR_ZERO_RETURN 6
# define SSL_ERROR_WANT_CONNECT 7
# define SSL_ERROR_WANT_ACCEPT 8
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
```

openssl/bio.h at 852c2ed260860b6b85c84f9fe96fb4d23d49c9f2 · openssl/openssl https://github.com/openssl/openssl/blob/852c2ed260860b6b85c84f9fe96fb4d23d49c9f2/include/openssl/bio.h

```
/* These should be used by the application to tell why we should retry */
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
```

SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.

SSL_get_error https://www.ibm.com/support/knowledgecenter/en/SSB23S_1.1.0.14/gtpc2/cpp_ssl_get_error.html

ssl
A pointer to a token returned on the SSL_new call.
ret
The return code from the previous SSL API call.

Normal return

Returns one of the following values:
SSL_ERROR_NONE
No error to report. This is set when the value of the ret parameter is greater than 0.
SSL_ERROR_SSL
An error occurred in the SSL library.
SSL_ERROR_WANT_READ
Processing was not completed successfully because there was no data available for reading, and the socket available for the SSL session is in nonblocking mode. Try the function again at a later time.
SSL_ERROR_WANT_WRITE
Processing was not completed successfully because the socket associated with the SSL session is blocked from sending data. Try the function again at a later time.
SSL_ERROR_SYSCALL
An I/O error occurred. Issue the sock_errno function to determine the cause of the error.
SSL_ERROR_ZERO_RETURN
The remote application shut down the SSL connection normally. Issue the SSL_shutdown function to shut down data flow for an SSL session.
SSL_ERROR_WANT_CONNECT
Processing was not completed successfully because the SSL session was in the process of starting the session, but it has not completed yet. Try the function again at a later time.

Error return

None.

Programming considerations

  • To use this function, you must include the library specified in the prototype in your makefile.
  • If an SSL API call results in an error return code, issue the SSL_get_error function for the following functions to obtain the reason for the error:
    • SSL_accept
    • SSL_connect
    • SSL_read
    • SSL_shutdown
    • SSL_write.
  • Do not use errno or the sock_errno function to determine the cause of an SSL API error. Instead, you must use the SSL_get_error function. However, if you received the SSL_ERROR_SYSCALL return code after issuing the SSL_get_error function, it is appropriate to use the sock_errno function.

TLS 1.3: SSL_ERROR_WANT_READ after the first SSL_read after handshake, but no more data available · Issue #7327 · openssl/openssl https://github.com/openssl/openssl/issues/7327

openssl/SSL_get_error.pod at master · openssl/openssl https://github.com/openssl/openssl/blob/master/doc/man3/SSL_get_error.pod

SSL_ERROR_WANT_READ的更多相关文章

  1. 非阻塞/异步(epoll) openssl

    前段时间在自己的异步网络框架handy中添加openssl的支持,当时在网络上搜索了半天也没有找到很好的例子,后来自己慢慢的摸索,耗费不少时间,终于搞定.因此把相关的资料整理一下,并给出简单的例子,让 ...

  2. openssl 使用非阻塞 bio

    序 在项目中需要访问 https 加密的网页,为了保证并发性,需要用到非阻塞的 socket,搜索发现,这种使用场景的相关介绍不是很多,所以这里记录一下使用的过程. 在项目中,所使用的 ssl 库是老 ...

  3. https大势已来?看腾讯专家如何在高并发压测中支持https

    WeTest 导读 用epoll编写一个高并发网络程序是很常见的任务,但在epoll中加入ssl层的支持则是一个不常见的场景.腾讯WeTest服务器压力测产品,在用户反馈中收到了不少支持https协议 ...

  4. 基于OpenSSL的HTTPS通信C++实现

      HTTPS是以安全为目标的HTTP通道,简单讲是HTTP的安全版.即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL.Nebula是一个为开发者提供一个快速开发 ...

  5. 回首C语言关键字(~回首向来萧瑟处~)

    开篇废话: 本文意在回顾 C 语言中的关键字,整理文件发现当时做的这些笔记还是蛮用心的,有临摹 前辈的足迹也有自己的理解和体会.时至今日2018已经跨过一半,对不起过去半年,今天 拿这篇关键字开篇,开 ...

  6. 在libuv中使用openssl建立ssl连接

    在libuv中使用openssl建立ssl连接 @(blogs) 使用openssl进行加密通信时,通常是先建立socket连接,然后使用SSL_XXX系列函数在普通socket之上建立安全连接,然后 ...

  7. GSOAP服务卡住?

    很久以前参考了https://www.genivia.com/doc/soapdoc2.html 中的一段: How to Create a Multi-Threaded Stand-Alone Se ...

  8. C++ windows客户端支持SSL双向认证

    C++ windows客户端支持SSL双向认证,服务端是JAVA开发的,使用的证书是jks格式的.C++并不支持JKS格式的证书,所以要用openssl进行转换下. 1. 需要先把jks转成.p12文 ...

  9. nginx&http 第五章 https non-fd 读写检测

    EPOLL的LT/ET 模式下的读写 从一个非阻塞的socket上调用recv/send函数, 返回EAGAIN或者EWOULDBLOCK(注: EAGAIN就是EWOULDBLOCK)从字面上看, ...

随机推荐

  1. Q227 Basic Calculator II

    /* 看的答案,设置一个符号变量记录这个数前边的符号是什么,不同的符号进行不同的操作.这点自己想到了. 没想到的是由于乘除相当于一个优先级高的线程,所以要先处理,还有存取前一个乘数或者分子,应该怎么办 ...

  2. 【kinetic】操作系统探索总结(八)键盘控制

    如果尝试过前面的例子,有没有感觉每次让机器人移动还要在终端里输入指令,这也太麻烦了,有没有办法通过键盘来控制机器人的移动呢?答案室当然的了.我研究了其他几个机器人键盘控制的代码,还是有所收获的,最后移 ...

  3. Linux嵌入式学习-网络配置-ping外网、主机和域名

    之前用的nfs挂载的文件系统,今天用yaffs2制作的文件系统并写入到nandflash中.但是网络却无法使用了. 首先,我们配置网卡. ifconfig eth0 192.168.1.230 bro ...

  4. IDEA 使用Git clone项目【建议】

    1.在启动页点击Get from Version Control进行克隆,这样可以减少不必要克隆Bug. 2.项目目录保持一致(保证文件的正确性),父级目录不要有其它任何文件(防止文件名冲突) 3.通 ...

  5. Java学习日报10.2

    1 package random; 2 import java.util.*; 3 import java.math.*; 4 public class Com { 5 6 public static ...

  6. 无延时去斗按键实现方法(不好CPU)

    这一灵感来源于定时器计数的方法,最后可以实现的效果跟咱们电脑键盘按键的效果一样!我先来介绍下基本原理吧! 采用定时器中断的方法,比如定时器终端我们设置为5ms,我们需要按键按下超过40ms时才算有按键 ...

  7. sh -s用法

    1.基本用法 (1)sh -s 会从标准输入中读取命令,并在子shell中执行 (2)sh -s 后从第一个非 - 开头的参数开始,依次被赋值给子shell的 $1,$2... (3)sh -s 的第 ...

  8. —用python写图片格式批量处理工具

    python爬取微博评论(无重复数据) 前言 一.整体思路 二.获取微博地址 1.获取ajax地址 2.解析页面中的微博地址 3.获取指定用户微博地址 三.获取主评论 四.获取子评论 1.解析子评论 ...

  9. [Skill]加速npm与yarn还原

    npm源 使用cnpm alias cnpm="npm --registry=https://registry.npm.taobao.org //或者 npm install -g cnpm ...

  10. Cocos Creator 新资源管理系统剖析

    目录 1.资源与构建 1.1 creator资源文件基础 1.2 资源构建 1.2.1 图片.图集.自动图集 1.2.2 Prefab与场景 1.2.3 资源文件合并规则 2. 理解与使用 Asset ...