I can tell looking at the IP trace, there is more data sent from Netscape
to the TPF server (a packet with three chunks in it), but for whatever
reason SSL_read is only called once. These chunks would seem to correspond
nicely with the number of SSL_reads performed on Linux for a similar POST.
I tried installing ssldump on a Linux client here, but it doesn't appear to
support our Token Ring network. Is there a version of ssldump, either
Linux or Windows, that will work with TR?
If ssldump doesn't support TR, I can provide TCP trace output; TPF has a
native ability to trace its network activity at the IP level.
Regards,
Evan Jennings
TPF Development, IBM Corp.
Poughkeepsie NY
(845) 435-1918
Eric Rescorla
<[EMAIL PROTECTED]> To: [EMAIL PROTECTED]
Sent by: cc:
owner-modssl-users Subject: Re: engine io question
@modssl.org
09/27/2001 08:05
PM
Please respond to
modssl-users
"Evan Jennings" <[EMAIL PROTECTED]> writes:
> Looking again at OS/390 for comparison, I did misstate the flow. Below
are
> the actual intercepted SSL_read outputs on TPF. The "S_r: " prefix
> indicates each SSL_read:
>
> S_r: POST /cgi-bin/cgi-forms HTTP/1.0
> Referer: https://1.2.3.4/cgiform.html
> Connection: Keep-Alive
> User-Agent: Mozilla/4.77 .en. (Windows NT 5.0; U)
> Host: 1.2.3.4
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png,
*/*
> Accept-Encoding: gzip
> Accept-Language: en,de
> Accept-Charset: iso-8859-1,*,utf-8
>
>The same thing on OS/390 shows me:
>
> S_r: POST /cgi-bin/test-cgi HTTP/1.0
> Referer: https://5.6.7.8:8443/cgiform2.html
> Connection: Keep-Alive
> User-Agent: Mozilla/4.77 [en] (Windows NT 5.0; U)
> Host: 5.6.7.8:8443
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png,
*/*
> Accept-Encoding: gzip
> Accept-Language: en,de
> Accept-Charset: iso-8859-1,*,utf-8
> S_r: Content-type: application/x-www-form-urlencoded
> Content-length: 9
> S_r:
> S_r: entry=123
Note that these are totally different requests. It's a little hard to tell
whether the first request actually contains a CRLF at the end or not. Can
you
clarify?
It might be useful if you used ssldump to record the actual traffic being
sent by the client (provide it with the private key so we can see the
plaintext).
-Ekr
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
