httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 52476] SSL failures on windows with AcceptFilter https none
Date Wed, 18 Jan 2012 23:55:40 GMT

--- Comment #11 from Rainer Jung <> 2012-01-18 23:55:40 UTC ---

thanks a lot for testing. I must explain, that Sleep(1) was a bit to simple as
an explanation. The ssl_io_data_dump() function is registered as a callback
with the OpenSSL BIO layer, which does the low level I/O. The callback is
normally only used to log data read when debug logging is on. But is is called
before and after each BIO operation by OpenSSL.

The first call is before the first read. The first read expects 11 bytes, but
when actually trying to read them we get an error code. Bill's expectation is,
that the first read happens to early and the error code is not a fatal one, but
instead an error code that tells us to try again.

By adding the Sleep(), we give the client a little more time to actually
deliver the first bytes. This is obviously not a fix, but an interesting way to
harden Bill's EAGAIN explanation.

Now I was choosing Sleep(1) and it helped here, but the "1" would depend on how
long we expect the client needs to send the first handshake bytes. The
observation, that a "1" helps a bit but some requests are still broken is
somewhat expected. If you increase the "1", say to "10" and then "50", the
number of broken requests should drop to a very small percentage.

I hope Bill will give us hints, where we do have to look for the missing
handling of EAGAIN.



Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message