William A. Rowe, Jr. wrote:
Brian J. France wrote:
Will this patch allow the removal of this code from mod_ftp
ftp_ssl_init function:
/* This is handled in the NET_TIME filter, which unfortunately
* ignores the timeout for the purpose of AP_MODE_INIT.
* Fix a timeout so the core read filter will behave.
*/
client_socket = ap_get_module_config(cdata->conn_config,
&core_module);
apr_socket_timeout_set(client_socket, cdata->base_server->timeout);
Yup.
mod_ftp has a number of timeouts, itself, and might possibly benefit
some administrators if we shift to cdata->base_server->keepalive_timeout
after the first request line is read. This way, one could have a very
short (e.g. 10 sec) timeout to begin processing the USER command, while
providing the user a more generous (e.g. 180 sec) timeout between cmds.
The more that I think about it, that shift should only happen once the
user is authenticated.
Oh, I should point out that there was always a hack (a different one,
however) in mod_ftp - this one I came up with fixing mod_echo. Prior to
this patch, mod_echo would succeed on Linux and Win32 (blocking forever)
and consume massive cycles on Solaris and AIX (nonblocking, and spinning
through brigade_gets perpetually.) When mod_ssl is added to mod_echo,
it would fail outright on Solaris and AIX because the BLOCK mode would
always fail to set up the timeout. And invoking AP_MODE_INIT always
failed as well, because the NET_TIME filter ignored it (and it was the
single most criticial get_brigade call before the protocol would reply
with an immediate write.)
So this patch had more to do with Apache, mod_echo and most protocols
(other than http) than with mod_ftp specifically.
Bill
