[prev in list] [next in list] [prev in thread] [next in thread]
List: kfm-devel
Subject: Re: [PATCH] disable keep alive connections when using SSL
From: Matthias Welwarsky <matze () stud ! fbi ! fh-darmstadt ! de>
Date: 2002-03-31 8:00:49
[Download RAW message or body]
Waldo Bastian wrote:
> On Saturday 30 March 2002 02:03 pm, Dawit A. wrote:
>> On Saturday 30 March 2002 10:30, Matthias Welwarsky wrote:
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> >
>> > Hi,
>> >
>> > there seems to be a bug in openssl so that it returns "ok" when you
>> > call SSL_write() on a socket closed by the remote host. This breaks
>> > http POST requests when using keep alive connections.
>> >
>> > This patch disables the keep alive when SSL is in use.
>> > ok to commit?
>>
>> Okay here is my patch modified so that is disables persistent SSL
>> connection as a workaround (only for performarance reasons) as well as
>> fixes the bug in kio_http that caused the SSL_write bug to be noticeable
>> to begin with. The workaround is not really necessary with my fix for
>> kio_http anymore. However, it saves us from multiple attempts to send the
>> data to the server so it is better to revert back to not doing persistent
>> SSL connection.
>
> Wrong fix. The problem is not SSL persistent connections, the problem is
> sending a POST request over a persistent connection. See e.g. RFC2616
> section 8.1.4:
>
> "Non-idempotent methods or sequences MUST NOT be automatically retried,
> although user agents MAY offer a human operator the choice of retrying
> the request(s)."
>
> I think the better solution would be to make sure that non-idempotent
> methods (basically everything but GET) should start a new connection.
> (Patch attached)
GET with parameters should also be not be retried. It's basically a POST by
other means.
regards,
Matze
--
Matthias Welwarsky
Fachschaft Informatik FH Darmstadt
Email: matze@stud.fbi.fh-darmstadt.de
"all software sucks equally, but some software is more equal"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic