On Friday 20 of November 2009 14:50:30 Daniel Stenberg wrote: > I had a look at this just now. I must agree that it is funny that this > hasn't caused pain for anyone yet. I guess one way to force this to happen > to get tested, is if you can somehow enforce some kind of slow-down magic > on an interface so that you get traffic byte-per-byte[*]. > > The "correct" way of fixing this flaw is probably to make sure we implement > a function for non-blocking connects and make sure we define > 'curlssl_connect_nonblocking' to identify it. This is done already in the > OpenSSL glue code so inspiration could be gotten from there.
Yep, I am going to write both (blocking and nonblocking) connection routines for NSS as well. The patch will be probably not too large since a lot of code will be shared by both. > The point is quite simply to do as much as possible and not block, and it > will get called again until it has completed and then it sets *done = TRUE > so that the parent then happily moves on. As it is already implemented within the OpenSSL part, I'll just look there and try to do somewhat similar. > [*] = some ideas on how to accomplish this include: > http://monkey.org/~marius/pages/?page=trickle and > http://wanem.sourceforge.net/ but I've not personally tried either one. Thanks for the links! I haven't been aware of an easy way how to test this. That's probably why the patch is still not waiting here for review ;-) Kamil ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
