Paul Querna wrote:
once I got past that, it just worked. my tests were fairly simple. I
had pipelining enabled in mozilla and also created a script that did
HTTP/1.1 pipelining. if anyone can think of other scenarios I should
test with mod_ssl please let me know.
Yes... I believe it will 'mostly' work, but the issue becomes tricky
once you consider the SSL protocol. The problem is we might have an
entire pipe-lined request buffered inside the SSL Packets, and
therefore, never trigger the socket to come out of the poll(). For
simple test cases, it might work, but I am pretty sure a malicious
attack would be easy to create.
yeah I see it. there is no support for MODE_EATCRLF in mod_ssl so
check_pipeline_flush is making bad decisions. with the other mpms it means some
network flows are suboptimal, but it's worse with event as you pointed out.
Greg
