HPCC-31474 Refactor dafilesrv handling to cope with SSL/non-blocking #18437
Conversation
system/jlib/jsocket.hpp
Outdated
| extern jlib_decl IJSOCK_Exception* createJSocketException(int jsockErr, const char *_msg, const char *file, unsigned line); | ||
| extern jlib_decl void throwJSockException(int jsockErr, const char *_msg, const char *file, unsigned line); | ||
| #define THROWJSOCKEXCEPTION(exc) throwJSockException(exc, nullptr, __FILE__, __LINE__) | ||
| #define THROWJSOCKEXCEPTION_X(exc, msg) throwJSockException(exc, msg, __FILE__, __LINE__) |
There was a problem hiding this comment.
THROWJSOCKETEXCEPTION_MSG() ?
| { | ||
| readTimeout(buf, min_size, max_size, size_read, timeoutms, false); | ||
| unsigned remainingMs = timer.remainingMs(timeoutMs); | ||
| rc = wait_read(remainingMs); |
There was a problem hiding this comment.
If we get a SSL_WANT_WRITE error then should we call wait_write() here instead of wait_read() ?
There was a problem hiding this comment.
I guess so, I haven't seen SSL_WANT_WRITE occur in testing, but.. will change to handle either.
| throw createJSocketException(JSOCKERR_broken_pipe, errmsg); | ||
| } | ||
| return numwritten; | ||
| if (err != SSL_ERROR_WANT_WRITE || !nonBlocking) |
There was a problem hiding this comment.
SSL_write() nonblocking can return SSL_WANT_READ in which case we can call wait_read() to see when to continue ...
There was a problem hiding this comment.
agreed, will change to handle either.
| @@ -296,7 +296,7 @@ class jlib_decl ISocket : extends IInterface | |||
| unsigned timeout) = 0; | |||
| virtual void read(void* buf, size32_t size) = 0; | |||
| virtual size32_t write(void const* buf, size32_t size) = 0; // returns amount written normally same as in size (see set_nonblock) | |||
| virtual size32_t writetms(void const* buf, size32_t size, unsigned timeoutms=WAIT_FOREVER) = 0; | |||
| virtual size32_t writetms(void const* buf, size32_t minSize, size32_t size, unsigned timeoutms=WAIT_FOREVER) = 0; | |||
There was a problem hiding this comment.
Why add a minSize arg to writetms() ? Is it to match readtms() ?
There was a problem hiding this comment.
Yes, writetms was not previously used, but to make consistent added so that writetms can write a minimum of minSize before returning.
NB: not used in practice by secure socket (see comment re. SSL_MODE_ENABLE_PARTIAL_WRITE)
system/jlib/jsocket.cpp
Outdated
| size32_t sizeRead = 0; | ||
| if (0 == max_size) | ||
| { | ||
| _sizeRead = 0; |
There was a problem hiding this comment.
Before this change wait_read() was called which means a read(buf, 0, 0, ...) could throw socket closed or some other exception. Not sure if we ever call readtms() with a max_size of 0 but this would possibly act differently if we did.
There was a problem hiding this comment.
Doubt readtms is ever called with max_size=0, but seems wrong to call wait_read if it were
| if (0 == msg.length()) // 1st time | ||
| msgWritePtr = (byte *)msg.reserveTruncate(sizeof(size32_t)); | ||
| size32_t szRead; | ||
| sock->read(msgWritePtr, 1, sizeof(size32_t)-left, szRead); |
There was a problem hiding this comment.
why not just make the min_size sizeof(size32_t) here ?
There was a problem hiding this comment.
because don't want to block, which readtms would do (loop internally), waiting for that min_size.
We have been notified there's something on the wire, but we don't know how much, could be < sizeof(size32_t)
There was a problem hiding this comment.
This could probably be further improved by utilizing a very small (or 0) timeout, particular with the SSL version in mind.
In could have been notified due to low level SSL packet data, then wait inside readtms for min_size(=1).
That should be fine in any case, but it would be better not to block here in the select handler at all.
A timeout could allow it to bail out and potentially let other sockets be processed.
However, it would need a bit more refactoring of readtms and the calling code, to ensure that any bytes that had been read, were accounted for.
There was a problem hiding this comment.
Yes, can we make it use readtms() with a small timeout here and below.
| toread = left; | ||
| msg.clear(); | ||
| size32_t szRead; | ||
| sock->read(msgWritePtr, 1, left, szRead); |
There was a problem hiding this comment.
can we make min_size here left ? Either we get as much as we know we need or we time out ?
There was a problem hiding this comment.
We don't want to block the select handler, so that other sockets are serviced.
This reads as much as it can then returns, to be notified to read more/rest when notified again.
| } | ||
| return false; | ||
| return true; |
There was a problem hiding this comment.
do we use the return value anywhere ?
| } | ||
|
|
||
| inline unsigned socketTimeRemaining(bool useSeconds, unsigned start, unsigned timeout) | ||
| void CSecureSocket::readtms(void* buf, size32_t min_size, size32_t max_size, size32_t &_sizeRead, unsigned timeoutMs) |
There was a problem hiding this comment.
I might be inclined to make this always be nonblocking inside here so we can ensure we never block ?
There was a problem hiding this comment.
why? If client code using a socket wants it to be blocking, this code should work (and block) but that's okay afaics (depends on the use case).
jakesmith
changed the title
|
@mckellyln - please see replies + new commit |
| @@ -244,7 +246,11 @@ class CSecureSocket : implements ISecureSocket, public CInterface | |||
| // | |||
| virtual bool set_nonblock(bool on) // returns old state | |||
| { | |||
| throw MakeStringException(-1, "CSecureSocket::set_nonblock: not implemented"); | |||
| bool prevState = m_socket->set_nonblock(on); | |||
| int flags = fcntl(SSL_get_fd(m_ssl), F_GETFL, 0); | |||
There was a problem hiding this comment.
minor comment - why set without checking first, and why get the flags and confirm after setting ? for example. if already nonblocking and want to set nonblocking true then just return ?
And if we want to change it, we set this in CSocket::set_nonblock() so why check it after setting it ?
|
@mckellyln - please see modified secure set_nonblock impl. |
|
@ghalliday - will leave it as separate commits for now. |
| } | ||
| else if (0 == rc) | ||
| { | ||
| if (0 == min_size) // mirror behviour of jsocket impl. |
system/jlib/jsocket.cpp
Outdated
| if (rc == 0) | ||
| { | ||
| state = ss_shutdown; | ||
| if (min_size==0) |
There was a problem hiding this comment.
is if (sizeRead >= min_size) better?
There was a problem hiding this comment.
I think in this case, yes, that may be better/more correct.
This condition is suppressing the graceful close in the specific case when min_size is 0 at the moment.
This kept the previous semantics.
I think it would be safe to change and do so if sizeRead >= min_size here and in securesocket
I'll change it.
system/jlib/jsocket.cpp
Outdated
| goto EintrRetry; | ||
| if (nonblocking && (err == JSE_WOULDBLOCK || err == EAGAIN)) // if EGAIN or EWOULDBLOCK - no more data to read | ||
| { | ||
| if (0 == min_size) // if min_read is 0, then whatever we have read so far is good enough (even if 0) |
There was a problem hiding this comment.
Should this also be tested if blocking (or any error, and rc == 0)?
There was a problem hiding this comment.
if (sizeRead >= min_size)?
as with the similar code in secure socket (and unlike the same test when rc==0), I think this is okay as it is, because if min_size > 0, and sizeRead > 0, then it would have already checked sizeRead >= min_size in the (rc > 0) block.
There was a problem hiding this comment.
Should this also be tested if blocking (or any error, and rc == 0)?
I don't think so. Any error condition which are all conditions where rc < 0, should fire an error I think.
When nonBlocked is on, this code is checking an exception that rule where the error may be indicate blocked.
There was a problem hiding this comment.
ok. Comment could be improved then to avoid confusion - since this will never have read anything so far.
There was a problem hiding this comment.
ok. Comment could be improved then to avoid confusion - since this will never have read anything so far.
changed comments, and squashed.
@ghalliday - please review/merge.
|
@ghalliday - please see responses and last commit. |
system/jlib/jsocket.cpp
Outdated
| goto EintrRetry; | ||
| if (nonblocking && (err == JSE_WOULDBLOCK || err == EAGAIN)) // if EGAIN or EWOULDBLOCK - no more data to read | ||
| { | ||
| if (0 == min_size) // if min_read is 0, then whatever we have read so far is good enough (even if 0) |
There was a problem hiding this comment.
ok. Comment could be improved then to avoid confusion - since this will never have read anything so far.
Cleanup and refactor the jsocket and securesocket readtms/writetms and derivatives to cope with nonblocking sockets. Symantically they remain the same. e.g. readtms will not return until it has written at least min_size. Duplicate/very similar code in dedupped/consolidated into readtms and writetms 1) in non-blocking mode, readtms would fire an exception if socket not ready (EWOULDBLOCK, EAGAIN). 2) jsocket writetms would temporarily place a non-blocking socket into nonblocking mode. Now writetms takes a minSize (akin to readtms minSize). It will return if at least this much is written (but normal usage is with min=max). NB: previous writetms in both implementations were not called anywhere. 3) in non-blocking mode securesocket readtms and writetms would previously fail if blocked Signed-off-by: Jake Smith <[email protected]>
jakesmith
force-pushed
the
HPCC-31474-dafs-refactor-ssl-read
branch
from
0e6f993 to
3a5e979
Compare
ghalliday
merged commit a782d9a
into
hpcc-systems:candidate-9.6.x
| if (-1 == flags) // unknown | ||
| nonBlocking = false; | ||
| else | ||
| nonBlocking = 0 != (flags & O_NONBLOCK); |
There was a problem hiding this comment.
@jakesmith this change is breaking the windows build...
Type of change:
Checklist:
Smoketest:
Testing: