Re: Possible mod_ssl bug (ssl_io_input_read) (fwd)

---------- Forwarded message ----------
Date: Fri, 06 Jun 2003 17:59:50 -0700
From: Justin Erenkrantz
Reply-To: dev@httpd.apache.org
To: dev@httpd.apache.org
Subject: Re: Possible mod_ssl bug (ssl_io_input_read) (fwd)

The suggested API change to char_buffer_read is incorrect. The filter_ctx
should not be passed to char_buffer_read. The possibility I'd propose is just
to set buffer->length to 0 when it is exhausted and keep buffer->value
unchanged in this case (it's overwritten on char_buffer_write, so it will not
append to the old buffer - its value is inconsequential once its length is 0).
The AP_MODE_SPECULATIVE case in ssl_io_input_read could easily be modified to
handle this by not adjusting buffer->value. That seems like it should solve
the problem and do it in a cleaner fashion (and save cycles!).

Yet, I wonder why AP_MODE_SPECULATIVE is being used. Its purpose is very
narrow - it should only be used to support HTTP pipelining and only asking for
one byte. Only connection-level filters will implement this mode - so any
request-level filter transformations won't be applied (i.e. mod_deflate if the
request body is inflated). If you want to intercept the read data, then it
needs to be an input filter not an AP_MODE_SPECULATIVE call. -- justin



____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org