httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joachim Achtzehnter <joac...@kraut.ca>
Subject HTTPS connections lock-up with 2.4.18
Date Mon, 01 Feb 2016 02:41:51 GMT
After upgrading from 2.4.12 to 2.4.18 we find that some requests for 
files cause a lock-up when HTTPS is used, but not with plain HTTP. After 
some debugging it seems the problem is that the mod_ssl no longer 
explicitly flushes the output it produced before going back to reading a 
new request on the same connection.

This is a 32-bit Intel Linux platform, and by stepping through the 
mod_ssl output filter in the debugger I can see that the files that 
cause problems are being read by Apache using the mmap approach.

Restoring the explicit flushing from 2.4.12 gets the 2.4.18 version of 
mod-ssl working for us. Here is the patch:


--- ssl_engine_io.c.orig	2015-11-19 11:55:25.000000000 -0800
+++ ssl_engine_io.c	2016-01-31 17:22:54.586227441 -0800
@@ -466,6 +466,21 @@
          return -1;
      }

+    /* In theory, OpenSSL should flush as necessary, but it is known
+     * not to do so correctly in some cases; see PR 46952.
+     *
+     * Historically, this flush call was performed only for an SSLv2
+     * connection or for a proxy connection.  Calling _out_flush
+     * should be very cheap in cases where it is unnecessary (and no
+     * output is buffered) so the performance impact of doing it
+     * unconditionally should be minimal.
+     */
+    if (bio_filter_out_flush(inctx->bio_out) < 0) {
+        bio_filter_out_ctx_t *outctx = inctx->bio_out->ptr;
+        inctx->rc = outctx->rc;
+        return -1;
+    }
+
      BIO_clear_retry_flags(bio);

      if (!inctx->bb) {




Mime
View raw message