'Re: [PATCH] disable keep alive connections when using SSL'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: [PATCH] disable keep alive connections when using SSL
From:       "Dawit A." <adawit () kde ! org>
Date:       2002-03-30 22:03:41
[Download RAW message or body]

On Saturday 30 March 2002 10:30, Matthias Welwarsky wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> there seems to be a bug in openssl so that it returns "ok" when you call
> SSL_write() on a socket closed by the remote host. This breaks http POST
> requests when using keep alive connections.
>
> This patch disables the keep alive when SSL is in use.
> ok to commit?

Okay here is my patch modified so that is disables persistent SSL connection 
as a workaround (only for performarance reasons) as well as fixes the bug in 
kio_http that caused the SSL_write bug to be noticeable to begin with.  
The workaround is not really necessary with my fix for kio_http anymore.  
However, it saves us from multiple attempts to send the data to the server so 
it is better to revert back to not doing persistent SSL connection.

Regards,
Dawit A.

["http.patch" (text/x-diff)]

Index: http.cc
===================================================================
RCS file: /home/kde/kdelibs/kioslave/http/http.cc,v
retrieving revision 1.470
diff -u -p -b -B -w -r1.470 http.cc
--- http.cc	2002/03/23 04:26:55	1.470
+++ http.cc	2002/03/30 21:59:31
@@ -2132,10 +2132,8 @@ bool HTTPProtocol::httpOpen()
 
   bool res = true;
 
-  if ( moreData )
+  if ( moreData || davData )
     res = sendBody();
-  else if ( davData )
-    res = sendBody( true );
 
   infoMessage( i18n( "<b>%1</b> contacted. "
                      "Waiting for reply..." ).arg( m_request.hostname ) );
@@ -2305,8 +2303,14 @@ bool HTTPProtocol::readHeader()
         if (m_state.doProxy)
           m_bKeepAlive = false;
         else
+        {
+          // FIXME: the m_bIsSSL check is a workaround for OPENSSL's write
+          // bug not returning the correct status when the remote server
+          // closes the connection.
+          if (!m_bIsSSL)
           m_bKeepAlive = true; // HTTP 1.1 has persistant connections.
       }
+      }
 
       if ( m_responseCode )
         m_prevResponseCode = m_responseCode;
@@ -2660,6 +2664,10 @@ bool HTTPProtocol::readHeader()
         if (strncasecmp(trimLead(buf + 11), "Close", 5) == 0) {
           m_bKeepAlive = false;
         } else if (strncasecmp(trimLead(buf + 11), "Keep-Alive", 10)==0) {
+          // FIXME: the m_bIsSSL check is a workaround for OPENSSL's write
+          // bug not returning the correct status when the remote server
+          // closes the connection.
+          if (!m_bIsSSL)
           m_bKeepAlive = true;
         }
 
@@ -3050,7 +3058,7 @@ void HTTPProtocol::addEncoding(QString e
   }
 }
 
-bool HTTPProtocol::sendBody( bool dataInternal /* = false */ )
+bool HTTPProtocol::sendBody()
 {
   int result=-1;
   int length=0;
@@ -3059,15 +3067,14 @@ bool HTTPProtocol::sendBody( bool dataIn
 
   // Loop until we got 'dataEnd'
   kdDebug(7113) << "(" << m_pid << ") Response code: " << m_responseCode << endl;
-  if ( m_responseCode == 401 || m_responseCode == 407 || dataInternal )
-  {
-    // For RE-POST on authentication failure the
-    // buffer should not be empty...
-    if ( m_bufPOST.isNull() )
+
+  // if ( m_responseCode == 401 || m_responseCode == 407 || dataInternal )
+
+  // m_bufPOST will NOT be empty iff authentication was required before posting
+  // the data OR a re-connect is requested from ::readHeader because the
+  // connection was lost for some reason.
+  if ( !m_bufPOST.isNull() )
     {
-      error( ERR_ABORTED, m_request.hostname );
-      return false;
-    }
     kdDebug(7113) << "(" << m_pid << ") POST'ing saved data..." << endl;
     length = m_bufPOST.size();
     result = 0;
@@ -3093,7 +3100,7 @@ bool HTTPProtocol::sendBody( bool dataIn
     } while ( result > 0 );
   }
 
-  if ( result != 0 )
+  if ( result < 0 )
   {
     error( ERR_ABORTED, m_request.hostname );
     return false;
Index: http.h
===================================================================
RCS file: /home/kde/kdelibs/kioslave/http/http.h,v
retrieving revision 1.123
diff -u -p -b -B -w -r1.123 http.h
--- http.h	2002/03/22 01:57:37	1.123
+++ http.h	2002/03/30 21:59:31
@@ -225,12 +225,11 @@ protected:
   bool httpOpenConnection();   // Open connection
   void httpCheckConnection();  // Check whether to keep connection.
   void httpCloseConnection();  // Close conection
-  bool httpIsConnected();      // Checks for existing connection.
 
   bool readHeader();
-  // where dataInternal == true, the content is to come from
-  // an internal function.
-  bool sendBody( bool dataInternal = false );
+
+  bool sendBody();
+
   // where dataInternal == true, the content is to be made available
   // to an internal function.
   bool readBody( bool dataInternal = false );


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic