Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B796118D42 for ; Fri, 25 Sep 2015 13:55:08 +0000 (UTC) Received: (qmail 33831 invoked by uid 500); 25 Sep 2015 13:55:04 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 33746 invoked by uid 500); 25 Sep 2015 13:55:04 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 33703 invoked by uid 99); 25 Sep 2015 13:55:04 -0000 Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 25 Sep 2015 13:55:04 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 21C28C29C2 for ; Fri, 25 Sep 2015 13:55:04 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.121 X-Spam-Level: X-Spam-Status: No, score=-0.121 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd1-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-us-east.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id ZwEraF3ez4J7 for ; Fri, 25 Sep 2015 13:55:03 +0000 (UTC) Received: from mail-qk0-f178.google.com (mail-qk0-f178.google.com [209.85.220.178]) by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with ESMTPS id 76B3242B30 for ; Fri, 25 Sep 2015 13:55:03 +0000 (UTC) Received: by qkdw123 with SMTP id w123so42228637qkd.0 for ; Fri, 25 Sep 2015 06:54:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=idK6i//QZYQzZVw0OCwuQLiAb8m8pDHt7zx+HdsqXLc=; b=Ve1CYS3P9Jx/awPljaXTAvSomBOWDj0jqJHFaADFTx/ChNQ2Jwe5jplKcBslUsTEzL 1HUZHMxqoKmu2UjeBQTQ4krdGIOJvAHTtXFjXvMGk0on8+fInwBfiXgH6jvRASbgx3w+ fR4sO2IlevnCkF8u4satqgk0hWY6RapsH55bCMS8KiGGHJGqBeQVVaO2lESahO2UiGzl UFjQd3tan5mheI0dsvxqXNgZ8oipHgFH6uhhXoiIuP6rzyWmCpLhGiC9THA6bhjeQ/8n cW2VVOsjuQuST+UlWE+OW/jOdYzvt63alCOMSKtjlxpOeQoWvtbT8V9rTzN83qXgvoNH bP6g== MIME-Version: 1.0 X-Received: by 10.55.195.80 with SMTP id a77mr6388832qkj.2.1443189296856; Fri, 25 Sep 2015 06:54:56 -0700 (PDT) Received: by 10.55.72.20 with HTTP; Fri, 25 Sep 2015 06:54:56 -0700 (PDT) In-Reply-To: References: <20150925072706.5C2D83A0233@svn01-us-west.apache.org> <5604FF5A.90101@apache.org> Date: Fri, 25 Sep 2015 15:54:56 +0200 Message-ID: Subject: Re: svn commit: r1705236 - /httpd/httpd/trunk/modules/ssl/ssl_engine_io.c From: Yann Ylavic To: dev@httpd.apache.org Content-Type: text/plain; charset=UTF-8 On Fri, Sep 25, 2015 at 10:30 AM, Yann Ylavic wrote: > On Fri, Sep 25, 2015 at 10:20 AM, Yann Ylavic wrote: >> >> Any other way around? > > Couldn't mod_ssl know by openssl when SSL "administrative" data are > out and then bucket-FLUSH? Actually, the discussion in PR 46952 (mentioned in the comment around the flush) shows that OpenSSL should ask for the flush when necessary, and that it should have been fixed uptream with: Changes between 0.9.8l and 0.9.8m [25 Feb 2010] *) The code that handled flushing of data in SSL/TLS originally used the BIO_CTRL_INFO ctrl to see if any data was pending first. This caused the problem outlined in PR#1949. The fix suggested there however can trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions of Apache). So instead simplify the code to flush unconditionally. This should be fine since flushing with no data to flush is a no op. [Steve Henson] Couldn't we completely remove the flush from bio_filter_in_read() then? Or make it conditional to OpenSSL < 0.9.8m (since we support 0.9.8a at least)?