On Wed, Oct 03, 2001 at 12:51:09AM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote: > I'm running into all sorts of filter problems. The initial client request is > itself not received completely.. For ex., the apr_bucket_read > (ssl_engine_io.c:218) returns 20 bytes when the client has sent 103 bytes. > > The ssl_hook_process_connection (mod_ssl.c:360) returns with a error to read > more (which is not being handled right now). This is a problem as the SSL > filter expects that *all* the data sent by the client is received in one > complete chunk.. > > If I try forcing the bucket_read again (incase of a SSL_WANT_READ error), > it's still not able to read the full data.
Whenever mod_ssl is handling the request, it needs to remove CORE_IN and be able to match CORE_IN's functionality (i.e. handle the same modes as CORE_IN). This is how I would expect it to work given the new implementation. I would also expect that mod_ssl makes some faulty assumptions about how the input filtering works (these same assumptions broke the httpd-test input filter module). Input filters should only return as much data as is requested. Everything else should remain buffered - this is a change from before. I will try to take a look at it tomorrow. It will take me some time to sift through the code. FWIW, this is what I meant by mod_ssl being a quagmire - I'm not familiar with the code and it is substantially different in style from the rest of httpd. There is a steep learning curve here. Hopefully, this should give you an idea of what needs to happen - if you can beat me to it, great. =) -- justin
