Ticket #1747 (new defect)
Opened 3 weeks ago
openssl blocks
| Reported by: | HenrikHolst | Owned by: | jan |
|---|---|---|---|
| Priority: | highest | Milestone: | 1.5.0 |
| Component: | core | Version: | 1.4.19 |
| Severity: | critical | Keywords: | |
| Cc: | Blocked By: | ||
| Need User Feedback: | no | Blocking: |
Description
the network_openssl.c backend blocks the whole of lighttpd during send of a file.
On most connections this is not noticed since SSL_write will return SSL_ERROR_WANT_WRITE and the loop will break so that lighttpd can process the other connections. But on a local GB-lan using cURL (and also on the local loop using both wget and cURL) it is possible to completely lock up lighttpd during a file transfer over ssl.
The problem is that network_write_chunkqueue_openssl loops over all the data in the chunkqueue until SSL_Write complaints.
I have tried to remove the looping alltogether (meaning that lighttp would only send one block [64Kib] before proceeding to the other connections) and that worked out just fine, I can see no slowdown when for example working with localhost so even though lighttpd no longer sends the data in a tight loop the performance seams to be mostly unaffected (probably due to the inherent bad performance in ssl anyways).
