httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: svn commit: r1705236 - /httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
Date Fri, 25 Sep 2015 13:54:56 GMT
On Fri, Sep 25, 2015 at 10:30 AM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
> On Fri, Sep 25, 2015 at 10:20 AM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
>>
>> Any other way around?
>
> Couldn't mod_ssl know by openssl when SSL "administrative" data are
> out and then bucket-FLUSH?

Actually, the discussion in PR 46952 (mentioned in the comment around
the flush) shows that OpenSSL should ask for the flush when necessary,
and that it should have been fixed uptream with:

 Changes between 0.9.8l and 0.9.8m [25 Feb 2010]

  *) The code that handled flushing of data in SSL/TLS originally used the
     BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
     the problem outlined in PR#1949. The fix suggested there however can
     trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
     of Apache). So instead simplify the code to flush unconditionally.
     This should be fine since flushing with no data to flush is a no op.
     [Steve Henson]

Couldn't we completely remove the flush from bio_filter_in_read() then?
Or make it conditional to OpenSSL < 0.9.8m (since we support 0.9.8a at least)?

Mime
View raw message