<html><body><p><img width="16" height="16" src="cid:1__=8FBB0A62DFF836978f9e8a93df938690918c8FB@" border="0" alt="Inactive hide details for Helge Heß via swift-server-dev ---03/28/2017 05:10:12 AM---On 28. Mar 2017, at 12:03, Johannes Weiß <"><font size="2" color="#424282">Helge Heß via swift-server-dev ---03/28/2017 05:10:12 AM---On 28. Mar 2017, at 12:03, Johannes Weiß <johannesweiss@apple.com> wrote: > Hi Helge and Gelareh,</font><br><br><br><br><tt><font size="2">On 28. Mar 2017, at 12:03, Johannes Weiß <johannesweiss@apple.com> wrote:<br>> Hi Helge and Gelareh,<br>> <br>>> [...]<br>>>> If you are talking about non-blocking by any chance, we have an implementation of this in BlueSSLService (</font></tt><tt><font size="2"><a href="https://github.com/IBM-Swift/BlueSSLService">https://github.com/IBM-Swift/BlueSSLService</a></font></tt><tt><font size="2">) which interfaces with a socket management layer (BlueSocket - </font></tt><tt><font size="2"><a href="https://github.com/IBM-Swift/BlueSocket">https://github.com/IBM-Swift/BlueSocket</a></font></tt><tt><font size="2">).<br>>> <br>>> Sounds good. Do you have an example demonstrating the use of BlueSocket in NIO mode? Like a simple client which just opens a socket connection to a TLS server and reads with NIO configured.<br>> <br>> as far as I understand the source code BlueSocket is blocking IO only. But its API basically breaks the abstraction by giving you (publically!) direct access to the the file descriptor.<br>> <br>> public internal(set) var socketfd: Int32 = SOCKET_INVALID_DESCRIPTOR<br>> <br>> (from: </font></tt><tt><font size="2"><a href="https://github.com/IBM-Swift/BlueSocket/blob/master/Sources/Socket.swift#L772">https://github.com/IBM-Swift/BlueSocket/blob/master/Sources/Socket.swift#L772</a></font></tt><tt><font size="2"> )<br>> <br>> so what you could do is<br>> <br>> fcntl(someBlueSocket.socketFD, O_NONBLOCK, 1)<br>> <br>> and then put in in a kqueue/epoll/DispatchSource . I personally don't think that counts as non-blocking API but it's possible :)<br><br>I think that this would actually be fine for a low level object.<br><br>But I’d like to see this working in the real world :-) The key part being that the TLS layer needs to buffer already read data until the TLS frames are complete. I know that this is possible with OpenSSL, and it was said that it should be possible with the low level macOS stuff, but I’d like to see this actually working. No offence, lets just make sure we don’t miss something in here as this is IMO very important.<br></font></tt><br><br><br><tt><font size="2">[gelareh] </font></tt><br><br><tt><font size="2">@hh: Kitura (which uses Kitura-net) uses non-blocking sockets so that code path is exercised everytime we run Kitura-net on both mac and Linux.</font></tt><br><a href="https://github.com/IBM-Swift/Kitura-net/blob/34176a224a3317be14d0b5f038a690b969095726/Sources/KituraNet/IncomingSocketManager.swift#L111"><tt><font size="2">https://github.com/IBM-Swift/Kitura-net/blob/34176a224a3317be14d0b5f038a690b969095726/Sources/KituraNet/IncomingSocketManager.swift#L111</font></tt></a><br><br><tt><font size="2">I think that covers all the possibilities, but let me know if I'm missing something.</font></tt><br><br><tt><font size="2">@Johannes: in BlueSocket, go to </font></tt><a href="https://github.com/IBM-Swift/BlueSocket/blob/master/Sources/Socket.swift"><tt><font size="2">https://github.com/IBM-Swift/BlueSocket/blob/master/Sources/Socket.swift</font></tt></a><tt><font size="2"> and search for isBlocking. That should give a bunch of places where we test for blocking and where the EAGAIN percolation is managed.</font></tt><br><br><tt><font size="2">g.</font></tt><br><br><br><BR>
</body></html>