Ticket #3958 (closed Bugs: fixed)

Opened 7 years ago

Last modified 6 years ago

ssl::stream async_read_some and async_write_some handlers never run concurrently

Reported by: L McGuinness <lorcan.mcguinness@…> Owned by: chris_kohlhoff
Milestone: To Be Determined Component: asio
Version: Boost 1.42.0 Severity: Problem
Keywords: openssl ssl strand concurrency asio Cc: samjmill@…


Handlers passed to ssl::stream::async_read_some and ssl::stream::async_write_some are always invoked in the context of a strand. This strand is a member of openssl_stream_service, which is typically a process-wide instance.

The effect of this is that a time-consuming async_read_some handler on one ssl::stream instance can block all other async_read_some and async_write_some handlers on other instances of ssl::stream.

The code that does this is in boost/asio/ssl/detail/openssl_operation.hpp. Line 319 performs strand::wrap on the callback to openssl_operation::async_write_handler. At lines 367 and 373, async_write_handler invokes the user's handler function (passed to ssl::stream::async_write_some). This runs in the context of strand_.

The strand instance in this case is always openssl_stream_service::strand_, as can be seen in asio/ssl/detail/openssl_stream_service.hpp, line 395.

The situation for async_read_handler is similar.

Change History

comment:1 Changed 7 years ago by samjmill@…

  • Cc samjmill@… added

comment:2 Changed 7 years ago by anonymous

This bug leads to such a great performance degradation. SSL version of my sample appliction is about 50 times slower than the same application with raw TCP/IP sockets.

comment:3 Changed 7 years ago by tianhao.qiu@…

comment:4 follow-up: ↓ 5 Changed 6 years ago by dremon

This patch also solves a deadlock problem when making recursive connection to the server. There was a deadlocked async_handshake called from the read_handler, now it works ok with this patch.

comment:5 in reply to: ↑ 4 Changed 6 years ago by anonymous

Correction: it still deadlocks occasionally, but at least the server still accepts other connections. Without the patch the server was completely locked.

comment:6 Changed 6 years ago by fred

I thought that with open-sources, fixes come quickly... tianhao provided a fix (thanks for him)... Why is it so long to integrate it in the next release?

comment:7 Changed 6 years ago by chris_kohlhoff

  • Status changed from new to closed
  • Resolution set to fixed

As of [72428], release branch contains the new SSL implementation.


Add a comment

Modify Ticket

Change Properties
<Author field>
as closed
The resolution will be deleted. Next status will be 'reopened'

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.