httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject RE: [PATCH] Take 2, ssl_engine_io.c BIO and brigades refactored
Date Fri, 01 Nov 2002 03:13:12 GMT
That's not necessarily good, but it's to be expected.

I followed the original idea of moving over to an HTTP/0.9 to emit
the HTTP over HTTPS error.  However, it didn't occur to me that
a client sending that request would be looking for the HTTP/1.0
headers.  Good point here.

Now the really, really big problem.  The original logic was borked,
since we passed on the "GET / HTTP/1.0" pseudo-request (without
so much as a newline!!!)  Then we did nothing.  So the http headers 
filter kept reading the origin brigade for headers (and some badly 
formatted text).  What we want is to pass a dummy 
"GET / HTTP/1.0\n\n" on.  Or we want to salvage the already
consumed original HTTP request text and just live with that.  Since
SSL has already eaten those 11 bytes, we are sort of at a loss.

No good solution.  But *if* this is the only error (HTTP/0.9 responses
in reaction to HTTP over HTTPS), I'd ask if I could get a few +1's so 
I can proceed with the effort (on to the SSL write BIO, then back to 
addressing the HTTP over HTTPS fooness.)


At 08:44 PM 10/31/2002, you wrote:
>I couldn't look much into it (because of some other thing that came up), but
>the perl-framework gives a failure at :
>ssl/http............response had protocol HTTP/0.9 (headers not sent?) at
> line 405.
>        Test returned status 9 (wstat 2304, 0x900)
>DIED. FAILED tests 1-2
>        Failed 2/2 tests, 0.00% okay
>> -----Original Message-----
>> From: William A. Rowe, Jr. []
>> Sent: Thursday, October 31, 2002 4:43 PM
>> To:
>> Subject: [PATCH] Take 2, ssl_engine_io.c BIO and brigades refactored
>> Folks, once again, please take a look at the attached code.  This time
>> around, it actually works ;-)
>> This is correct only for the input BIO layer.  The output BIO 
>> layer still
>> needs alot of work.
>> Although I merged SSL_read from two into a single function (against 
>> other's preferences), it's necessary because the error cases were
>> impossible to grok.  I did split out the bucket_read into a 
>> brigade_consume
>> function so that half, at least, is much easier to follow.
>> brigade_consume is much like brigade_flatten.  However, they aren't
>> identical, because you can't do non-blocking reads with 
>> brigade_flatten.
>> The changes to the SSL input effectively force some data to 
>> be returned
>> if the filter read was blocking.  However, we will not 
>> attempt to pull more
>> information off the wire than is available.
>> The biggest issue throughout the old code is exception handling.  Of
>> course the existing code 'worked' in a way, as long as the flow wasn't
>> interrupted and no other errors occured.
>> I've tested some POST requests, but if someone can put this on
>> the httpd-test/perl-framework and exercise it, I'd really 
>> appreciate it.
>> Now I'll get to work on the write side of the equation.
>> Bill

View raw message