Updates:
Status: Fixed
Owner: ste...@konink.de
Comment #51 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284
I think I can proudly present the "true" stable fix. After reading on Stack
Overflow that people could get output of SSL_pending but only after
SSL_read I started to realise this might be the cause of our issues.
http://stackoverflow.com/questions/6616976/why-does-this-ssl-pending-call-always-return-zero
My initial patch caused the check 'is there more data to be processed?'
always be true. After that true, the statemachine would just go on with
processing, doing what it had to do given that state, read a bit more, and
then realise: there is no data.
The check is there for a reason, don't do the entire statemachine thing, if
you don't have data to process. The trivial fix is the following:
--- a/cherokee/cryptor_libssl.c
+++ b/cherokee/cryptor_libssl.c
@@ -927,6 +927,7 @@ _socket_read (cherokee_cryptor_socket_libssl_t *cryp,
static int
_socket_pending (cherokee_cryptor_socket_libssl_t *cryp)
{
+ SSL_read(cryp->session, NULL, 0);
return (SSL_pending (cryp->session) > 0);
}
We just say to OpenSSL; do your thing read stuff, we just don't want your
data yet, keep it in your own buffers. After that, SSL_pending does
return: "Geez, got some data for you!"
We progress with the Cherokee state machine, and after a while we are
actually doing another SSL_read, with a buffer attached to it, and read out
what data we need and going to use.
_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev
Status: Fixed
Owner: ste...@konink.de
Comment #51 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284
I think I can proudly present the "true" stable fix. After reading on Stack
Overflow that people could get output of SSL_pending but only after
SSL_read I started to realise this might be the cause of our issues.
http://stackoverflow.com/questions/6616976/why-does-this-ssl-pending-call-always-return-zero
My initial patch caused the check 'is there more data to be processed?'
always be true. After that true, the statemachine would just go on with
processing, doing what it had to do given that state, read a bit more, and
then realise: there is no data.
The check is there for a reason, don't do the entire statemachine thing, if
you don't have data to process. The trivial fix is the following:
--- a/cherokee/cryptor_libssl.c
+++ b/cherokee/cryptor_libssl.c
@@ -927,6 +927,7 @@ _socket_read (cherokee_cryptor_socket_libssl_t *cryp,
static int
_socket_pending (cherokee_cryptor_socket_libssl_t *cryp)
{
+ SSL_read(cryp->session, NULL, 0);
return (SSL_pending (cryp->session) > 0);
}
We just say to OpenSSL; do your thing read stuff, we just don't want your
data yet, keep it in your own buffers. After that, SSL_pending does
return: "Geez, got some data for you!"
We progress with the Cherokee state machine, and after a while we are
actually doing another SSL_read, with a buffer attached to it, and read out
what data we need and going to use.
_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev