SOURCES: lighttpd-openssl.patch (NEW) - fixes infinite loop on slo...

Thu Aug 25 08:39:55 CEST 2005

Author: aredridel                    Date: Thu Aug 25 06:39:54 2005 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- fixes infinite loop on slow connection over SSL

---- Files affected:
SOURCES:
   lighttpd-openssl.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/lighttpd-openssl.patch
diff -u /dev/null SOURCES/lighttpd-openssl.patch:1.1

--- /dev/null	Thu Aug 25 08:39:54 2005
+++ SOURCES/lighttpd-openssl.patch	Thu Aug 25 08:39:49 2005
@@ -0,0 +1,67 @@
+--- branches/lighttpd-merge-1.4.x/src/connections.c	(revision 620)
++++ branches/lighttpd-merge-1.4.x/src/connections.c	(revision 621)
+@@ -213,7 +213,7 @@
+ 		
+ #ifdef USE_OPENSSL
+ 		if (srv_sock->is_ssl) {
+-			int r;
++			int r, ssl_err;
+ 			
+ 			switch ((r = SSL_get_error(con->ssl, len))) {
+ 			case SSL_ERROR_WANT_READ:
+@@ -237,8 +237,15 @@
+ 				
+ 				/* fall thourgh */
+ 			default:
+-				log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:", 
+-						r, ERR_error_string(ERR_get_error(), NULL));
++				ssl_err = ERR_get_error();
++				switch(ssl_err) {
++				case SSL_F_SSL23_GET_CLIENT_HELLO:
++					/* a unencrypted HTTP request on a HTTPS socket. Do a redirect to the right location */
++				default:
++					log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:", 
++							r, ERR_error_string(ERR_get_error(), NULL));
++					break;
++				}
+ 				break;
+ 			}
+ 		} else {
+--- branches/lighttpd-merge-1.4.x/src/mod_compress.c	(revision 620)
++++ branches/lighttpd-merge-1.4.x/src/mod_compress.c	(revision 621)
+@@ -357,7 +357,7 @@
+ 			
+ 			if (-1 == mkdir(p->b->ptr, 0700)) {
+ 				if (errno != EEXIST) {
+-					log_error_write(srv, __FILE__, __LINE__, "ssss", "creating cache-directory", p->b->ptr, "failed", strerror(errno));
++					log_error_write(srv, __FILE__, __LINE__, "sbss", "creating cache-directory", p->b, "failed", strerror(errno));
+ 					
+ 					return -1;
+ 				}
+--- branches/lighttpd-merge-1.4.x/src/network_openssl.c	(revision 620)
++++ branches/lighttpd-merge-1.4.x/src/network_openssl.c	(revision 621)
+@@ -123,6 +123,7 @@
+ 			size_t toSend;
+ 			stat_cache_entry *sce = NULL;
+ 			int ifd;
++			int write_wait = 0;
+ 			
+ 			if (HANDLER_ERROR == stat_cache_get_entry(srv, con, c->data.file.name, &sce)) {
+ 				log_error_write(srv, __FILE__, __LINE__, "sb",
+@@ -162,6 +163,7 @@
+ 				if ((r = SSL_write(con->ssl, s, toSend)) <= 0) {
+ 					switch ((ssl_r = SSL_get_error(con->ssl, r))) {
+ 					case SSL_ERROR_WANT_WRITE:
++						write_wait = 1;
+ 						break;
+ 					case SSL_ERROR_SYSCALL:
+ 						switch(errno) {
+@@ -196,7 +198,7 @@
+ 				if (c->offset == c->data.file.length) {
+ 					chunk_finished = 1;
+ 				}
+-			} while(!chunk_finished);
++			} while(!chunk_finished && !write_wait);
+ 			
+ 			break;
+ 		}
================================================================

