AP05/openssl/share/man/man7/openssl-quic-concurrency.7ossl

.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.29)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{
.    if \nF \{
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OPENSSL-QUIC-CONCURRENCY 7ossl"
.TH OPENSSL-QUIC-CONCURRENCY 7ossl "2025-04-23" "3.5.1-dev" "OpenSSL"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
openssl\-quic\-concurrency \- OpenSSL QUIC Concurrency Model
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
A \s-1QUIC\s0 domain is a group of \s-1QUIC\s0 resources such as listeners (see
\&\fISSL_new_listener\fR\|(3)) and connections which share common event processing
resources, such as internal pollers, timers and locks. All usage of OpenSSL \s-1QUIC\s0
happens inside a \s-1QUIC\s0 domain.
.PP
These resources can be accessed and used concurrently depending on the
circumstances. This man page discusses the available concurrency models and how
they can be used.
.SH "EXPLICIT AND IMPLICIT QUIC DOMAINS"
.IX Header "EXPLICIT AND IMPLICIT QUIC DOMAINS"
A \s-1QUIC\s0 domain is instantiated either explicitly (\fISSL_new_domain\fR\|(3)) or
implicitly by calling \fISSL_new\fR\|(3) or \fISSL_new_listener\fR\|(3):
.IP "\(bu" 4
An explicit \s-1QUIC\s0 domain is created by and visible to the application as a \s-1QUIC\s0
domain \s-1SSL\s0 object and has other \s-1QUIC SSL\s0 objects created underneath it, such as
listeners or connections.
.IP "\(bu" 4
An implicit \s-1QUIC\s0 domain is one which is created internally due to the direct
creation of a \s-1QUIC\s0 connection or listener \s-1SSL\s0 object; the application does not
explicitly create a \s-1QUIC\s0 domain \s-1SSL\s0 object and never directly references the
domain.
.PP
Explicit creation of a \s-1QUIC\s0 domain provides the greatest level of control for an
application. Applications can use an implicit \s-1QUIC\s0 domain for ease of use and to
avoid needing to create a separate \s-1QUIC\s0 domain \s-1SSL\s0 object.
.PP
Regardless of whether a \s-1QUIC\s0 domain is explicitly created, the internal
processing model is the same and the application must choose an appropriate
concurrency model as discussed below.
.SH "CONCURRENCY MODELS"
.IX Header "CONCURRENCY MODELS"
The OpenSSL \s-1QUIC\s0 implementation supports multiple concurrency models to support
a wide variety of usage scenarios.
.PP
The available concurrency models are as follows:
.IP "\(bu" 4
The \fBSingle-Threaded Concurrency Model (\s-1SCM\s0)\fR, which supports only
application-synchronised single-threaded usage.
.IP "\(bu" 4
The \fBContentive Concurrency Model (\s-1CCM\s0)\fR, which supports multi-threaded usage.
.IP "\(bu" 4
The \fBThread-Assisted Concurrency Model (\s-1TACM\s0)\fR, which also supports
multi-threaded usage and provides assistance to an application for handling \s-1QUIC\s0
timer events.
.PP
The merits of these models are as follows:
.IP "\(bu" 4
The \fBSingle-Threaded Concurrency Model (\s-1SCM\s0)\fR performs no locking or
synchronisation. It is entirely up to the application to synchronise access to
the \s-1QUIC\s0 domain and its subsidiary \s-1SSL\s0 objects.
.Sp
This concurrency model is also useful for an application which wants to use the
OpenSSL \s-1QUIC\s0 implementation as a pure state machine.
.IP "\(bu" 4
The \fBContentive Concurrency Model (\s-1CCM\s0)\fR performs automatic locking when making
\&\s-1API\s0 calls to \s-1SSL\s0 objects in a \s-1QUIC\s0 domain. This provides automatic
synchronisation for multi-threaded usage of \s-1QUIC\s0 objects. For example, different
\&\s-1QUIC\s0 stream \s-1SSL\s0 objects in the same \s-1QUIC\s0 connection can be safely accessed from
different threads.
.Sp
This concurrency model adds the overhead of locking over the Single-Threaded
Concurrency Model in order to support multi-threaded usage, but provides limited
performance in highly contended multi-threaded usage due to its simple approach.
However, it may still prove a good solution for a broad class of applications
which spend the majority of their time in application logic and not in \s-1QUIC I/O\s0
processing.
.Sp
An advantage of this model relative to the more sophisticated concurrency models
below is that it does not create any \s-1OS\s0 threads.
.IP "\(bu" 4
The \fBThread-Assisted Concurrency Model (\s-1TACM\s0)\fR is identical to the Contentive
Concurrency Model except that a thread is spun up in the background to ensure
that \s-1QUIC\s0 timer events are handled in a timely fashion. This ensures that \s-1QUIC\s0
timeout events are handled even if an application does not periodically call
into the \s-1QUIC\s0 domain to ensure that any outstanding QUIC-related timer or
network I/O events are handled. The assist thread contends for the same
resources like any other thread. However, handshake layer events (\s-1TLS\s0) are never
processed by the assist thread.
.PP
The default concurrency model is \s-1CCM\s0 or \s-1TACM,\s0 depending on the \fB\s-1SSL_METHOD\s0\fR
used with a \fB\s-1SSL_CTX\s0\fR. Using \fIOSSL_QUIC_client_method\fR\|(3) results in a default
concurrency model of \s-1CCM,\s0 whereas using \fIOSSL_QUIC_client_thread_method\fR\|(3)
results in a default concurrency model of \s-1TACM.\s0
.PP
Additional concurrency models may be offered in future releases of OpenSSL.
.SH "BLOCKING I/O CAPABILITIES"
.IX Header "BLOCKING I/O CAPABILITIES"
All of the supported concurrency models are capable of supporting blocking I/O
calls, where application-level I/O calls (for example, to \fISSL_read_ex\fR\|(3) or
\&\fISSL_write_ex\fR\|(3) on a \s-1QUIC\s0 stream \s-1SSL\s0 object) block until the request can be
serviced. This includes the use of \fISSL_poll\fR\|(3) in a blocking fashion.
.PP
Supporting blocking \s-1API\s0 calls reliably with multi-threaded usage requires the
creation of additional \s-1OS\s0 resources such as internal file descriptors to allow
threads to be woken when necessary. This creation of internal \s-1OS\s0 resources is
optional and may need to be explicitly requested by an application depending on
the chosen concurrency model. If this functionality is disabled, depending on
the chosen concurrency model, blocking \s-1API\s0 calls may not be available and calls
to \fISSL_set_blocking_mode\fR\|(3) attempting to enable blocking mode may fail,
notwithstanding the following section.
.SS "Legacy Blocking Support Compatibility"
.IX Subsection "Legacy Blocking Support Compatibility"
OpenSSL 3.2 and 3.3 contained a buggy implementation of blocking \s-1QUIC I/O\s0 calls
which is only reliable under single-threaded usage. This functionality is always
available in the Single-Threaded Concurrency Model (\s-1SCM\s0), where it works
reliably.
.PP
For compatibility reasons, this functionality is also available under the
default concurrency model if the application does not explicitly specify a
concurrency model or disable it. This is known as Legacy Blocking Compatibility
Mode, and its usage is not recommended for multi-threaded applications.
.SH "RECOMMENDED USAGE"
.IX Header "RECOMMENDED USAGE"
New applications are advised to choose a concurrency model as follows:
.IP "\(bu" 4
A purely single-threaded application, or an application which wishes to use
OpenSSL \s-1QUIC\s0 as a state machine and manage synchronisation itself, should
explicitly select the \s-1SCM\s0 concurrency model.
.IP "\(bu" 4
An application which wants to engage in multi-threaded usage of different \s-1QUIC\s0
connections or streams in the same \s-1QUIC\s0 domain should a) select the \s-1CCM\s0 or \s-1TACM\s0
concurrency model and b) explicitly opt in or out of blocking I/O support
(depending on whether the application wishes to make blocking I/O calls),
disabling Legacy Blocking Compatibility Mode.
.Sp
An application should select the \s-1CCM\s0 concurrency model if the application can
guarantee that a \s-1QUIC\s0 domain will be serviced regularly (for example, because
the application can guarantee that the timeout returned by
\&\fISSL_get_event_timeout\fR\|(3) will be handled). If an application is unable to do
this, it should select the \s-1TACM\s0 concurrency model.
.IP "\(bu" 4
Applications should explicitly configure a concurrency model during
initialisation.
.SH "CONFIGURING A CONCURRENCY MODEL"
.IX Header "CONFIGURING A CONCURRENCY MODEL"
If using an explicit \s-1QUIC\s0 domain, a concurrency model is chosen when calling
\&\fISSL_new_domain\fR\|(3) by specifying zero or more of the following flags:
.IP "\fB\s-1SSL_DOMAIN_FLAG_SINGLE_THREAD\s0\fR" 4
.IX Item "SSL_DOMAIN_FLAG_SINGLE_THREAD"
Specifying this flag configures the Single-Threaded Concurrency Model (\s-1SCM\s0).
.IP "\fB\s-1SSL_DOMAIN_FLAG_MULTI_THREAD\s0\fR" 4
.IX Item "SSL_DOMAIN_FLAG_MULTI_THREAD"
Speciyfing this flag configures the Contentive Concurrency Model (\s-1CCM\s0) (unless
\&\fB\s-1SSL_DOMAIN_FLAG_THREAD_ASSISTED\s0\fR is also specified).
.IP "\fB\s-1SSL_DOMAIN_FLAG_THREAD_ASSISTED\s0\fR" 4
.IX Item "SSL_DOMAIN_FLAG_THREAD_ASSISTED"
Specifying this flag configures the Thread-Assisted Concurrency Model (\s-1TACM\s0).
It implies \fB\s-1SSL_DOMAIN_FLAG_MULTI_THREAD\s0\fR.
.IP "\fB\s-1SSL_DOMAIN_FLAG_BLOCKING\s0\fR" 4
.IX Item "SSL_DOMAIN_FLAG_BLOCKING"
Enable reliable support for blocking I/O calls, allocating whatever \s-1OS\s0 resources
are necessary to realise this. If this flag is specified,
\&\fB\s-1SSL_DOMAIN_FLAG_LEGACY_BLOCKING\s0\fR is ignored.
.Sp
Details on the allocated \s-1OS\s0 resources can be found under \*(L"\s-1CONSUMPTION OF OS
RESOURCES\*(R"\s0 below.
.IP "\fB\s-1SSL_DOMAIN_FLAG_LEGACY_BLOCKING\s0\fR" 4
.IX Item "SSL_DOMAIN_FLAG_LEGACY_BLOCKING"
Enables legacy blocking compatibility mode. See \*(L"Legacy Blocking Support
Compatibility\*(R".
.PP
Mutually exclusive flag combinations result in an error (for example, combining
\&\fB\s-1SSL_DOMAIN_FLAG_SINGLE_THREAD\s0\fR and \fB\s-1SSL_DOMAIN_FLAG_MULTI_THREADED\s0\fR).
.PP
The concurrency model for a domain cannot be changed after the domain is
created.
.SS "Default Behaviour"
.IX Subsection "Default Behaviour"
If none of \fB\s-1SSL_DOMAIN_FLAG_SINGLE_THREAD\s0\fR, \fB\s-1SSL_DOMAIN_FLAG_MULTI_THREAD\s0\fR or
\&\fB\s-1SSL_DOMAIN_FLAG_THREAD_ASSISTED\s0\fR are provided to \fISSL_new_domain\fR\|(3) or
another constructor function which can accept the above flags, the default
concurrency model set on the \fB\s-1SSL_CTX\s0\fR is used. This default can be set and get
using \fISSL_CTX_set_domain_flags\fR\|(3) and \fISSL_CTX_get_domain_flags\fR\|(3). Any
additional flags provided (for example, \fB\s-1SSL_DOMAIN_FLAG_BLOCCKING\s0\fR) are added
to the set of inherited flags.
.PP
The default concurrency model set on a newly created \fB\s-1SSL_CTX\s0\fR is determined as
follows:
.IP "\(bu" 4
If an \fB\s-1SSL_METHOD\s0\fR of \fIOSSL_QUIC_client_thread_method\fR\|(3) is used, the
Thread-Assisted Concurrency Model (\s-1TACM\s0) is used with the
\&\fB\s-1SSL_DOMAIN_FLAG_BLOCKING\s0\fR flag. This provides reliable blocking functionality.
.IP "\(bu" 4
Otherwise, if OpenSSL was built without threading support, the Single-Threaded
Concurrency Model (\s-1SCM\s0) is used, with the \fB\s-1SSL_DOMAIN_FLAG_LEGACY_BLOCKING\s0\fR
flag.
.IP "\(bu" 4
Otherwise, if an \fB\s-1SSL_METHOD\s0\fR of \fIOSSL_QUIC_client_method\fR\|(3) is used, the
Contentive Concurrency Model (\s-1CCM\s0) is used with the
\&\fB\s-1SSL_DOMAIN_FLAG_LEGACY_BLOCKING\s0\fR flag.
.IP "\(bu" 4
Otherwise, the Contentive Concurrency Model (\s-1CCM\s0) is used.
.PP
The default concurrency model may vary between releases of OpenSSL. An
application may specify one or more of the domain flags above to ensure
consistent usage of a specific concurrency model between releases.
.SS "Configuration of Concurrency Models with Implicit \s-1QUIC\s0 Domains"
.IX Subsection "Configuration of Concurrency Models with Implicit QUIC Domains"
If an explicit \s-1QUIC\s0 domain is not explicitly created using \fISSL_new_domain\fR\|(3),
an implicit \s-1QUIC\s0 domain is created when calling \fISSL_new_listener\fR\|(3) or
\&\fISSL_new\fR\|(3). Such a domain will use the default domain flags configured on the
\&\fB\s-1SSL_CTX\s0\fR as described above.
.SH "CONSUMPTION OF OS RESOURCES"
.IX Header "CONSUMPTION OF OS RESOURCES"
If full blocking I/O support is selected using \fB\s-1SSL_DOMAIN_FLAG_BLOCKING\s0\fR, at
least one socket, socket-like \s-1OS\s0 handle or file descriptor must be allocated to
allow one thread to wake other threads which may be blocking in calls to \s-1OS\s0
socket polling interfaces such as \fIselect\fR\|(2) or \fIpoll\fR\|(2). This is allocated
automatically internally by OpenSSL.
.PP
If the Thread-Assisted Concurrency Model (\s-1TACM\s0) is selected, a background thread
is spawned. This also implies \fB\s-1SSL_DOMAIN_FLAG_BLOCKING\s0\fR and the above.
.PP
The internal consumption by OpenSSL of mutexes, condition variables, spin locks
or other similar thread synchronisation primitives is unspecified under all
concurrency models.
.PP
The internal consumption by OpenSSL of threads is unspecified under the
Thread-Assisted Concurrency Model.
.PP
The internal consumption by OpenSSL of sockets, socket-like \s-1OS\s0 handles or file
descriptors, or other resources as needed to support inter-thread notification,
is unspecified under the Thread-Assisted Concurrency Model or when using
\&\fB\s-1SSL_DOMAIN_FLAG_BLOCKING\s0\fR.
.SH "BEHAVIOUR OF SSL OBJECTS"
.IX Header "BEHAVIOUR OF SSL OBJECTS"
A \s-1QUIC SSL\s0 object has blocking mode enabled by default where \fBall\fR of the
following criteria are met:
.IP "\(bu" 4
\&\fB\s-1SSL_DOMAIN_FLAG_BLOCKING\s0\fR or \fB\s-1SSL_DOMAIN_FLAG_LEGACY_BLOCKING\s0\fR is enabled;
and
.IP "\(bu" 4
The \s-1QUIC\s0 connection is being used with network read and write BIOs which expose
supported poll descriptors. See \fIopenssl\-quic\fR\|(7) for details.
.PP
In all other cases, a \s-1QUIC SSL\s0 object has blocking mode disabled by default. The
blocking mode can be changed explicitly using \fISSL_set_blocking_mode\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIopenssl\-quic\fR\|(7), \fISSL_handle_events\fR\|(3), \fISSL_get_event_timeout\fR\|(3),
\&\fIOSSL_QUIC_client_thread_method\fR\|(3), \fISSL_CTX_set_domain_flags\fR\|(3),
\&\fISSL_new_domain\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2024\-2025 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.