I am still unclear on why this flushing is even necessary... :/
> On Sep 30, 2015, at 2:30 PM, Ruediger Pluem <[email protected]> wrote: > > > > On 09/29/2015 11:42 AM, [email protected] wrote: >> Author: ylavic >> Date: Tue Sep 29 09:42:56 2015 >> New Revision: 1705823 >> >> URL: http://svn.apache.org/viewvc?rev=1705823&view=rev >> Log: >> mod_ssl: don't FLUSH output (blocking) on read. >> This defeats deferred write (and pipelining), eg. check_pipeline() is not >> expecting the pipe to be flushed under it. >> So let OpenSSL >= 0.9.8m issue the flush when necessary (earlier versions >> are known to not handle all the cases, so we keep flushing with those). >> >> Modified: >> httpd/httpd/trunk/modules/ssl/ssl_engine_io.c >> >> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=1705823&r1=1705822&r2=1705823&view=diff >> ============================================================================== >> --- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original) >> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Tue Sep 29 09:42:56 2015 >> @@ -466,9 +466,10 @@ static int bio_filter_in_read(BIO *bio, >> } >> >> /* In theory, OpenSSL should flush as necessary, but it is known >> - * not to do so correctly in some cases; see PR 46952. >> - * >> - * Historically, this flush call was performed only for an SSLv2 >> + * not to do so correctly in some cases (< 0.9.8m); see PR 46952. >> + */ >> +#if OPENSSL_VERSION_NUMBER < 0x0009080df >> + /* Historically, this flush call was performed only for an SSLv2 >> * connection or for a proxy connection. Calling _out_flush >> * should be very cheap in cases where it is unnecessary (and no >> * output is buffered) so the performance impact of doing it >> >> >> > > > This and the follow up r1705826 do cause t/ssl/proxy.t to hang and ultimately > fail with timeouts. > I am running on Centos 6 with Openssl 1.0.1. > Currently no idea why. Just a heads up. > > Regards > > Rüdiger
