Add s_server and s_client async support

A new -async option is added which activates SSL_MODE_ASYNC. Also SSL_WANT_ASYNC errors are handled appropriately. Reviewed-by: N Rich Salz <rsalz@openssl.org>

Add s_server and s_client async support
A new -async option is added which activates SSL_MODE_ASYNC. Also SSL_WANT_ASYNC errors are handled appropriately. Reviewed-by: N Rich Salz <rsalz@openssl.org>
7e25dd6d · Matt Caswell · 07bbc92c · 7e25dd6d · 7e25dd6d
显示空白变更内容
内联并排

Showing with 62 addition and 20 deletion

apps/s_client.c apps/s_client.c +21 -0

apps/s_server.c apps/s_server.c +41 -20

未找到文件。
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -182,6 +182,7 @@ extern int verify_error;
 extern int verify_return_error;
 extern int verify_quiet;
+static int async = 0;
 static int c_nbio = 0;
 static int c_tlsextdebug = 0;
 static int c_status_req = 0;
@@ -472,6 +473,7 @@ typedef enum OPTION_choice {
    OPT_CHAINCAFILE, OPT_VERIFYCAFILE, OPT_NEXTPROTONEG, OPT_ALPN,
    OPT_SERVERINFO, OPT_STARTTLS, OPT_SERVERNAME, OPT_JPAKE,
    OPT_USE_SRTP, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN, OPT_SMTPHOST,
+    OPT_ASYNC,
    OPT_V_ENUM,
    OPT_X_ENUM,
    OPT_S_ENUM,
@@ -557,6 +559,7 @@ OPTIONS s_client_options[] = {
     "types  Send empty ClientHello extensions (comma-separated numbers)"},
    {"alpn", OPT_ALPN, 's',
     "Enable ALPN extension, considering named protocols supported (comma-separated list)"},
+    {"async", OPT_ASYNC, '-', "Support asynchronous operation"},
    OPT_S_OPTIONS,
    OPT_V_OPTIONS,
    OPT_X_OPTIONS,
@@ -1061,6 +1064,9 @@ int s_client_main(int argc, char **argv)
        case OPT_KEYMATEXPORTLEN:
            keymatexportlen = atoi(opt_arg());
            break;
+        case OPT_ASYNC:
+            async = 1;
+            break;
        }
    }
    argc = opt_num_rest();
@@ -1199,6 +1205,9 @@ int s_client_main(int argc, char **argv)
        goto end;
    }
+    if (async)
+        SSL_CTX_set_mode(ctx, SSL_MODE_ASYNC);
    if (!config_ctx(cctx, ssl_args, ctx, 1, jpake_secret == NULL))
        goto end;
@@ -1883,6 +1892,11 @@ int s_client_main(int argc, char **argv)
                write_ssl = 1;
                read_tty = 0;
                break;
+            case SSL_ERROR_WANT_ASYNC:
+                BIO_printf(bio_c_out, "write A BLOCK\n");
+                write_ssl = 1;
+                read_tty = 0;
+                break;
            case SSL_ERROR_WANT_READ:
                BIO_printf(bio_c_out, "write R BLOCK\n");
                write_tty = 0;
@@ -1965,6 +1979,13 @@ int s_client_main(int argc, char **argv)
                read_ssl = 0;
                write_tty = 1;
                break;
+            case SSL_ERROR_WANT_ASYNC:
+                BIO_printf(bio_c_out, "read A BLOCK\n");
+                write_tty = 0;
+                read_ssl = 1;
+                if ((read_tty == 0) && (write_ssl == 0))
+                    write_ssl = 1;
+                break;
            case SSL_ERROR_WANT_WRITE:
                BIO_printf(bio_c_out, "read W BLOCK\n");
                write_ssl = 1;

--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -252,6 +252,8 @@ static int s_brief = 0;
 static char *keymatexportlabel = NULL;
 static int keymatexportlen = 20;
+static int async = 0;
 #ifndef OPENSSL_NO_ENGINE
 static char *engine_id = NULL;
 #endif
@@ -402,6 +404,7 @@ static void s_server_init(void)
    s_msg = 0;
    s_quiet = 0;
    s_brief = 0;
+    async = 0;
 #ifndef OPENSSL_NO_ENGINE
    engine_id = NULL;
 #endif
@@ -805,7 +808,7 @@ typedef enum OPTION_choice {
    OPT_SECURITY_DEBUG, OPT_SECURITY_DEBUG_VERBOSE, OPT_STATE, OPT_CRLF,
    OPT_QUIET, OPT_BRIEF, OPT_NO_TMP_RSA, OPT_NO_DHE, OPT_NO_ECDHE,
    OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE,
-    OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP,
+    OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC,
    OPT_SSL3,
    OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
    OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_CHAIN, OPT_LISTEN,
@@ -914,6 +917,7 @@ OPTIONS s_server_options[] = {
    {"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-'},
    {"brief", OPT_BRIEF, '-'},
    {"rev", OPT_REV, '-'},
+    {"async", OPT_ASYNC, '-', "Operate in asynchronous mode"},
    OPT_S_OPTIONS,
    OPT_V_OPTIONS,
    OPT_X_OPTIONS,
@@ -1438,6 +1442,9 @@ int s_server_main(int argc, char *argv[])
        case OPT_KEYMATEXPORTLEN:
            keymatexportlen = atoi(opt_arg());
            break;
+        case OPT_ASYNC:
+            async = 1;
+            break;
        }
    }
    argc = opt_num_rest();
@@ -1650,6 +1657,9 @@ int s_server_main(int argc, char *argv[])
    else
        SSL_CTX_sess_set_cache_size(ctx, 128);
+    if (async)
+        SSL_CTX_set_mode(ctx, SSL_MODE_ASYNC);
 #ifndef OPENSSL_NO_SRTP
    if (srtp_profiles != NULL) {
        /* Returns 0 on success! */
@@ -1721,6 +1731,9 @@ int s_server_main(int argc, char *argv[])
        else
            SSL_CTX_sess_set_cache_size(ctx2, 128);
+        if (async)
+			SSL_CTX_set_mode(ctx2, SSL_MODE_ASYNC);
        if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
            (!SSL_CTX_set_default_verify_paths(ctx2))) {
            ERR_print_errors(bio_err);
@@ -2281,6 +2294,9 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
                switch (SSL_get_error(con, k)) {
                case SSL_ERROR_NONE:
                    break;
+                case SSL_ERROR_WANT_ASYNC:
+                    BIO_printf(bio_s_out, "Write BLOCK (Async)\n");
+                    break;
                case SSL_ERROR_WANT_WRITE:
                case SSL_ERROR_WANT_READ:
                case SSL_ERROR_WANT_X509_LOOKUP:
@@ -2345,6 +2361,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
                    if (SSL_pending(con))
                        goto again;
                    break;
+                case SSL_ERROR_WANT_ASYNC:
                case SSL_ERROR_WANT_WRITE:
                case SSL_ERROR_WANT_READ:
                    BIO_printf(bio_s_out, "Read BLOCK\n");
@@ -2423,6 +2440,8 @@ static int init_ssl_connection(SSL *con)
        }
    } else
 #endif
+    do {
        i = SSL_accept(con);
 #ifdef CERT_CB_TEST_RETRY
@@ -2435,6 +2454,7 @@ static int init_ssl_connection(SSL *con)
            }
        }
 #endif
 #ifndef OPENSSL_NO_SRP
        while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
            BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
@@ -2450,6 +2470,7 @@ static int init_ssl_connection(SSL *con)
            i = SSL_accept(con);
        }
 #endif
+    } while (i < 0 && SSL_waiting_for_async(con));
    if (i <= 0) {
        if ((dtlslisten && i == 0)