[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: [PATCH] disable keep alive connections when using SSL
From:       Matthias Welwarsky <matze () stud ! fbi ! fh-darmstadt ! de>
Date:       2002-03-31 8:00:49
[Download RAW message or body]

Waldo Bastian wrote:

> On Saturday 30 March 2002 02:03 pm, Dawit A. wrote:
>> On Saturday 30 March 2002 10:30, Matthias Welwarsky wrote:
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> >
>> > Hi,
>> >
>> > there seems to be a bug in openssl so that it returns "ok" when you
>> > call SSL_write() on a socket closed by the remote host. This breaks
>> > http POST requests when using keep alive connections.
>> >
>> > This patch disables the keep alive when SSL is in use.
>> > ok to commit?
>>
>> Okay here is my patch modified so that is disables persistent SSL
>> connection as a workaround (only for performarance reasons) as well as
>> fixes the bug in kio_http that caused the SSL_write bug to be noticeable
>> to begin with. The workaround is not really necessary with my fix for
>> kio_http anymore. However, it saves us from multiple attempts to send the
>> data to the server so it is better to revert back to not doing persistent
>> SSL connection.
> 
> Wrong fix. The problem is not SSL persistent connections, the problem is
> sending a POST request over a persistent connection. See e.g. RFC2616
> section 8.1.4:
> 
>  "Non-idempotent methods or sequences MUST NOT be automatically retried,
>   although user agents MAY offer a human operator the choice of retrying
>   the request(s)."
> 
> I think the better solution would be to make sure that non-idempotent
> methods (basically everything but GET) should start a new connection.
> (Patch attached)

GET with parameters should also be not be retried. It's basically a POST by 
other means.

regards,
        Matze

-- 
Matthias Welwarsky
Fachschaft Informatik FH Darmstadt
Email: matze@stud.fbi.fh-darmstadt.de

"all software sucks equally, but some software is more equal"
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic