I'm sorry if it's rude to ask, but have you ever seen a library which implements the functions required for this status code? I chose libmicrohttpd almost solely based on the fact that I thought this function would be available, given the defines, whereas the others I had looked at (libhttpd, lievhtp libonion, etc) did not define the code at all.
Best, Daniel ________________________________ From: libmicrohttpd <libmicrohttpd-bounces+daniel.tweed=mail.mcgill...@gnu.org> on behalf of Christian Grothoff <groth...@gnunet.org> Sent: Thursday, December 1, 2016 1:03:11 PM To: libmicrohttpd@gnu.org Subject: Re: [libmicrohttpd] Out of band authentication with libmicrohttpd Dear Daniel, We just defined the status code (for completeness of the #defines), but never implemented its semantics. So you cannot actually use it with MHD. Happy hacking Christian On 12/01/2016 03:28 PM, Daniel Tweed, Mr wrote: > Dear Evgeny, > > My primary question is around the fact that libmicrohttpd implements the > http 102 code as MHD_HTTP_PROCESSING. The only meaningful use of this > code is to transmit it to the client and then send a follow up response > when the processing is complete. There is no other defined behaviour > for this code. So, what I'm trying to deduce is: Does libmicrohttpd > actually implement this functionality? If so, how would one go about > doing this? If not, why is the code implemented? Should it be removed > from the library? > > Thanks again for all your comments. I'm sorry if I wasn't clear before > but I am not working from obsoleted specifications, in RFC 4918 it > mentions that the for HTTP 102 continue to refer to RFC 2518, not that > the code is no longer supported. The RFC was obsoleted, not the the > code. It is still registered with IANA and is still supported with all > major browsers. I appreciate your attempts to educate me, but http1.1 > supports what I am trying to do, I'm just trying to figure out if > libmicrohttpd does, as the definition of the status code would seem to > imply. > > Regards, > Daniel > > ------------------------------------------------------------------------ > *From:* libmicrohttpd > <libmicrohttpd-bounces+daniel.tweed=mail.mcgill...@gnu.org> on behalf of > Evgeny Grin <k...@yandex.ru> > *Sent:* Thursday, December 1, 2016 9:18:17 AM > *To:* libmicrohttpd@gnu.org > *Subject:* Re: [libmicrohttpd] Out of band authentication with > libmicrohttpd > > To make it clear: MHD follow HTTP specifications and do not allow to use > two responses for single request. > > -- > Best Wishes, > Evgeny Grin > > On 01.12.2016 17:07, Evgeny Grin wrote: >> On 01.12.2016 16:30, Daniel Tweed, Mr wrote: >>> On 01.12.2016 3:04, Daniel Tweed, Mr wrote: >>>>> I'm really new to libmicrohttpd and the examples/tutorial have been >>>>> really helpful, but I can't figure out how to implement one specific >>>>> thing I need. >>>>> >>>>> What I am trying to achieved is: >>>>> >>>>> 1. >>>>> Send http 102 to client who requested anydoc.html which requires >>>>> authentication >>>> HTTP standards doesn't define response code 102. >>>> See https://tools.ietf.org/html/rfc7231#section-6 >>>> and https://tools.ietf.org/html/rfc2616#section-6.1.1 >>> >>> It was defined in RFC 2518, which was updated/obsoleted by RFC 4918 for >>> WebDAV. Granted they removed http 102 from the specification (due to a >>> lack of implementation) and advise that its IANA registration should >>> continue to refer to RDF2518. >>> At a minimum, Firefox and IE respond correctly to this status code, and >>> it is implemented in libmicrohttpd as MHD_HTTP_PROCESSING >> >> I highly recommend you not to use obsoleted specifications - support in >> existing application can be dropped in any moment and new application >> most probably will not work with this code. >> So you will need to re-do your work one more time when clients >> unexpectedly start to refuse your server responses. >> >>>>> 2. >>>>> Some processing on the serverside, including out of band >>> authentication >>>>> >>>>> 3. >>>>> If authenticated, send response built from somedoc.html, otherwise >>>>> generic not auth message >>> >>>> HTTP use request-response logic. If you already responded (your code >>>> 102) to some request then you can't add another response later. >>> >>> The purpose of the http102 message is so the client will not timeout >>> when waiting for a response if the request will take a long time. Using >>> the MHD_HTTP_PROCESSING code requires some mechanism to first send a >>> response with this code and then send a final response. I just figure >>> out how or if this functionality has ever been implemented in the library. >> >> These is not grantee that client will wait more after 102. >> Moreover, chances of successful response even lower, if you take into >> account obsoleted nature of this status. >> >>>>> I'm having a failure of understanding somewhere, in that I cannot seem >>>>> to figure out how to send the 102 and save the connection details so >>>>> that I can forward the response in step 3. I had thought I could queue >>>>> a response then either enter a wait loop or suspend the connection, but >>>>> as far as I can tell I have to return from the >>>>> |MHD_AcceptPolicyCallback| for the response to be sent. Then I cannot >>>>> figure out how to get back to the connection as I cannot suspend it and >>>>> save the pointer. I have looked at the request completed call back but >>>>> this still results in the 102 not being sent. >>>>> >>>>> I really can't figure out a process to achieve these steps from the >>>>> examples or the manual. I'm sure I'm either missing something about >>>>> http processing or about libmicrohttpd any help or advice would be >>>>> appreciated. I'm happy to share anything that would make my question >>>>> clearer, including more details on the overall application or specific >>>>> code I am working with. >>> >>>> MHD_AcceptPolicyCallback could be used to choose whether to process >>>> connection or does not process connection at all. >>> >>>> You should ether call MHD_queue_response() from your callback >>>> MHD_AccessHandlerCallback specified in MHD_start_daemon() parameter or, >>>> if your application need some time to generate response - call >>>> MHD_suspend_connection(). When application is ready to generate response >>>> - call MHD_resume_connection(), then MHD will call again your >>>> MHD_AccessHandlerCallback where you can call MHD_queue_response() to >>>> provide response to client. >>> >>>> If you need some kind of authorization, you can use MHD built-in functions. >>>> See examples: >>>> src/examples/authorization_example.c >>>> src/examples/digest_auth_example.c >>>> and >>>> doc/examples/tlsauthentication.c >>> >>> Thanks, I took a look at these but I'm specifically looking at >>> out-of-and authentication. Since posting this, I found a discussion on >>> a similar topic on the IRC logs to use either keep-alive or >>> MHD_create_response_from_callback (). My concern is that I cannot know >>> how long the out-of-band authentication will take and I need to advise >>> the client not to time out. I need the http 102 message for other >>> reasons, but I could work around them, but it seems that this function >>> is implementable somehow, given that the code is defined, so I'm really >>> hoping not to have to rework my other applications around it. >> >> You can use MHD_create_response_from_callback() with MHD_SIZE_UNKNOWN >> and generate response by chunks. This will prevent clients from >> detecting of timeout. >> >