You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Greg Ames <gr...@remulak.net> on 2005/06/30 23:46:37 UTC
event MPM flaky with mod_ssl
Paul Querna wrote:
>>once I got past that, it just worked. my tests were fairly simple. I
>>had pipelining enabled in mozilla and also created a script that did
>>HTTP/1.1 pipelining. if anyone can think of other scenarios I should
>>test with mod_ssl please let me know.
>>
>
>
> Yes... I believe it will 'mostly' work, but the issue becomes tricky
> once you consider the SSL protocol. The problem is we might have an
> entire pipe-lined request buffered inside the SSL Packets, and
> therefore, never trigger the socket to come out of the poll(). For
> simple test cases, it might work, but I am pretty sure a malicious
> attack would be easy to create.
yeah I see it. there is no support for MODE_EATCRLF in mod_ssl so
check_pipeline_flush is making bad decisions. with the other mpms it means some
network flows are suboptimal, but it's worse with event as you pointed out.
Greg