Looking through modules/https.tcl ..
ns_httpsopen depends on server's content-length header to be somewhat
accurate or greater than 0 if supplied.
iirc, AOLserver has a bug that returns inaccurate content-lengths,
sometimes 0.
Could this be a/the cause?
Torben
John Caruso wrote:
On Tuesday 09:01 PM 7/21/2009, Mark Aufflick wrote:
You say that "This bug ONLY occurs with an AOLserver client (any
version) running against an AOLserver 4 / nsopenssl 3.0beta26 server"
- so you're saying this issue doesn't occur when using httpsget
against, say, Apache?
Yes, that's correct. As I mention in the bug report, we were unable to
reproduce the bug in any of these scenarios:
- AOLserver client talking to an Apache server
- AOLserver client talking to a Java server
- wget client talking to an AOLserver server
- Firefox/IE client talking to an AOLserver server
And, crucially, it also doesn't happen with an AOLserver client (any
version) running against an AOLserver 3/nsopenssl 2.1a server. For the
bug to occur, the server *must* be AOLserver 4 with nsopenssl 3.0beta26.
It seems very odd that it would be server specific - that would fall
in that painful bug category of "If I wanted that behaviour I have no
idea how I would code it"!
Actually, I think you're going on the assumption that it's a client bug,
but it appears to me that it's a server bug (since an AOLserver
4/nsopenssl 3.0beta26 server is the consistent feature of the failing
scenarios). The odd part to me is that only an AOLserver client
triggers the bug.
By the way, this isn't a theoretical problem; we ran into this bug
because Arena's web application comprises multiple services which
sometimes make client calls to one another via SSL. When we tried to
migrate from AOLserver 3/nsopenssl 2.1a to AOLserver 4/nsopenssl
3.0beta26, we saw occasional and seemingly random failures on various
pages--and after a lot of investigation we managed to narrow it down to
this bug. This is actually just one of several SSL-related issues that
have prevented us from migrating to AOLserver 4 (but we haven't
investigated all of them as deeply as this one, and so we're hoping this
is the root cause of all of them).
- John
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<[email protected]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the
Subject: field of your email blank.
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<[email protected]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
