Skip site navigation (1) Skip section navigation (2)

Re: Cheapest way to poll for notifications? & Driver improvement question re SSL and notify

From: Craig Ringer <craig(at)postnewspapers(dot)com(dot)au>
To: rsmogura(at)softperience(dot)pl
Cc: PG-JDBC Mailing List <pgsql-jdbc(at)postgresql(dot)org>
Subject: Re: Cheapest way to poll for notifications? & Driver improvement question re SSL and notify
Date: 2009-12-21 12:27:05
Message-ID: 4B2F6999.2050309@postnewspapers.com.au (view raw or flat)
Thread:
Lists: pgsql-generalpgsql-jdbc
On 21/12/2009 5:41 PM, rsmogura(at)softperience(dot)pl wrote:

> One of disadvantage of checking plain socket is that available or read
> uses "under" SSL Layer bytes, which include encrypted data, handshaking
> data (the SSL supports renegotiation and session changes...?), and other
> protocol specific, with no sense for application. But generally when whole
> SSL socket bytes are read, then plain socket _should_ be "empty" too.

Yes - when the plain socket is empty, the SSL socket is also empty. That 
does not imply the inverse, though.

If the plain socket is NOT empty, that does not mean that the SSL socket 
is also NOT empty. As you said, the plain socket underlying the SSL 
socket may have bytes available() but they're just an SSL re-negotiation 
request or the like. So if you try to read from the SSL socket in this 
case, you will still block, even though the underlying socket did have 
bytes available to read.

For available() on an ssl socket to work, you would need to implement it 
by using the underlying SSL implementation to read any data buffered on 
the plain socket (if any), process it, and return the amount of client 
data in it if any. So if the underlying socket's available() returns 0, 
your SSL available() returns 0 also. Otherwise it reads what's there, 
decodes it if it can, and returns how much readable user data it got.

Unfortunately this can't be done with Java's SSLSocket, since you have 
no access to the underlying SSL engine implementation. It *can* be done 
with the Java 5 java.nio API and SSLEngine, possibly via a wrapper like 
SSLSocketChannel, though. In fact, if you're building on java.nio and 
SSLSocketChannel you can use exactly the approach described above.

Really, the requirements to make this work are:

   - a non-blocking SSL socket; or
   - a thread that can afford to block on the socket

--
Craig Ringer

In response to

Responses

pgsql-jdbc by date

Next:From: Craig RingerDate: 2009-12-21 13:44:00
Subject: Re: Cheapest way to poll for notifications? & Driver improvement question re SSL and notify
Previous:From: rsmoguraDate: 2009-12-21 09:41:01
Subject: Re: Cheapest way to poll for notifications? & Driver improvement question re SSL and notify

pgsql-general by date

Next:From: Albe LaurenzDate: 2009-12-21 12:52:22
Subject: Re: Charset Win1250 on Windows and Ubuntu
Previous:From: Adam Tauno WilliamsDate: 2009-12-21 11:43:56
Subject: Re: Something like Oracle Forms, but Open Source to use with PostgreSQL?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group