root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/crypto
History
Dr. David von Oheimb 19f97fe6f1 HTTP: Implement persistent connections (keep-alive) 
Both at API and at CLI level (for the CMP app only, so far)
there is a new parameter/option: keep_alive.
* 0 means HTTP connections are not kept open after
receiving a response, which is the default behavior for HTTP 1.0.
* 1 means that persistent connections are requested.
* 2 means that persistent connections are required, i.e.,
in case the server does not grant them an error occurs.

For the CMP app the default value is 1, which means preferring to keep
the connection open. For all other internal uses of the HTTP client
(fetching an OCSP response, a cert, or a CRL) it does not matter
because these operations just take one round trip.

If the client application requested or required a persistent connection
and this was granted by the server, it can keep the OSSL_HTTP_REQ_CTX *
as long as it wants to send further requests and OSSL_HTTP_is_alive()
returns nonzero,
else it should call OSSL_HTTP_REQ_CTX_free() or OSSL_HTTP_close().
In case the client application keeps the OSSL_HTTP_REQ_CTX *
but the connection then dies for any reason at the server side, it will
notice this obtaining an I/O error when trying to send the next request.

This requires extending the HTTP header parsing and
rearranging the high-level HTTP client API. In particular:
* Split the monolithic OSSL_HTTP_transfer() into OSSL_HTTP_open(),
  OSSL_HTTP_set_request(), a lean OSSL_HTTP_transfer(), and OSSL_HTTP_close().
* Split the timeout functionality accordingly and improve default behavior.
* Extract part of OSSL_HTTP_REQ_CTX_new() to OSSL_HTTP_REQ_CTX_set_expected().
* Extend struct ossl_http_req_ctx_st accordingly.

Use the new feature for the CMP client, which requires extending
related transaction management of CMP client and test server.

Update the documentation and extend the tests accordingly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
 		2021-05-14 19:24:42 +02:00
..
aes Fix provider library build wrt. AES 2021-05-14 09:37:35 +02:00
aria Update copyright year 2021-04-08 13:04:41 +01:00
asn1 check i2d_ASN1_TYPE return value 2021-05-14 10:13:53 +10:00
async Update copyright year 2021-04-08 13:04:41 +01:00
bf
bio Replace some of the ERR_clear_error() calls with mark calls 2021-05-13 19:26:06 +02:00
bn Optimize RSA on armv8 2021-05-09 23:15:07 +10:00
buffer
camellia
cast
chacha
cmac Update copyright year 2021-04-22 14:38:44 +01:00
cmp HTTP: Implement persistent connections (keep-alive) 2021-05-14 19:24:42 +02:00
cms CMS ESS: Move four internal aux function to where they belong in crypto/cms 2021-04-28 14:10:47 +02:00
comp Add RUN_ONCE support to zlib init 2021-04-22 17:41:55 +02:00
conf Add convenience functions and macros for asymmetric key generation 2021-05-11 12:46:42 +02:00
crmf Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions 2021-05-08 14:35:03 +02:00
ct Update copyright year 2021-04-08 13:04:41 +01:00
des Update copyright year 2021-01-28 13:54:57 +01:00
dh Fixes related to separation of DH and DHX types 2021-04-26 19:52:11 +02:00
dsa Update copyright year 2021-04-22 14:38:44 +01:00
dso
ec Replace some of the ERR_clear_error() calls with mark calls 2021-05-13 19:26:06 +02:00
encode_decode encoder: add a _name() function for encoders and decoders 2021-05-12 18:40:57 +10:00
engine Update copyright year 2021-04-08 13:04:41 +01:00
err HTTP: Implement persistent connections (keep-alive) 2021-05-14 19:24:42 +02:00
ess Fix missing symbols in no-cms and no-ts build 2021-05-05 17:05:01 +02:00
evp Replace EVP_PKEY_supports_digest_nid 2021-05-13 13:19:39 +02:00
ffc Export/import flags for FFC params changed to seperate fields. 2021-05-13 09:49:18 +10:00
hmac Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions 2021-05-08 14:35:03 +02:00
http HTTP: Implement persistent connections (keep-alive) 2021-05-14 19:24:42 +02:00
idea Update copyright year 2021-04-08 13:04:41 +01:00
kdf
lhash Update copyright year 2021-04-08 13:04:41 +01:00
md2
md4
md5 Remove unused code from the fips module 2021-05-08 20:44:41 +10:00
mdc2
modes Drop libimplementations.a 2021-05-07 10:17:23 +02:00
objects Add OID for RPKI id-ct-signedChecklist 2021-05-12 15:06:22 +10:00
ocsp HTTP: Implement persistent connections (keep-alive) 2021-05-14 19:24:42 +02:00
pem Fallback to legacy pem decoding if OSSL_DECODER fails 2021-05-13 13:30:07 +02:00
perlasm
pkcs7 Add library context and property query support into the PKCS12 API 2021-04-30 09:15:50 +10:00
pkcs12 Replace some of the ERR_clear_error() calls with mark calls 2021-05-13 19:26:06 +02:00
poly1305 Drop libimplementations.a 2021-05-07 10:17:23 +02:00
property property: create property names more eagerly. 2021-05-12 18:19:52 +10:00
rand Add the ability for ex_data to have a priority 2021-05-11 14:56:55 +01:00
rc2 Update copyright year 2021-05-06 13:03:23 +01:00
rc4
rc5
ripemd Drop libimplementations.a 2021-05-07 10:17:23 +02:00
rsa Detect low-level engine and app method based keys 2021-04-19 11:36:16 +02:00
seed
sha Crypto: Add deprecation compatibility declarations for SHA* message digest functions 2021-05-08 14:41:36 +02:00
siphash Fix a TODO(3.0) in the siphash code 2021-03-17 10:16:21 +10:00
sm2 Fix up issues found when running evp_extra_test with a non-default library context 2021-03-17 17:51:16 +10:00
sm3 Add "origin" field to EVP_CIPHER, EVP_MD 2021-04-18 10:03:07 +02:00
sm4 Update copyright year 2021-04-08 13:04:41 +01:00
srp srp: remove references to EVP_sha1() 2021-04-21 09:27:51 +10:00
stack Improve the implementation of X509_STORE_CTX_get1_issuer() 2021-04-28 11:19:34 +02:00
store Add the ability for ex_data to have a priority 2021-05-11 14:56:55 +01:00
ts TS ESS: Move four internal aux function to where they belong in crypto/ts 2021-04-28 14:10:47 +02:00
txt_db
ui Update copyright year 2021-04-08 13:04:41 +01:00
whrlpool A few cleanups of the provider build.infos 2021-05-12 13:23:33 +02:00
x509 Replace some of the ERR_clear_error() calls with mark calls 2021-05-13 19:26:06 +02:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
README-sparse_array.md
alphacpuid.pl
arm64cpuid.pl Read MIDR_EL1 system register on aarch64 2020-12-09 16:17:17 +01:00
arm_arch.h crypto/arm_arch.h: add a variable declaration 2021-05-14 00:03:30 +10:00
armcap.c armcap: fix Mac M1 SHA512 support. 2021-05-11 10:00:27 +02:00
armv4cpuid.pl
asn1_dsa.c Update copyright year 2021-04-08 13:04:41 +01:00
bsearch.c
build.info Fix missing $CPUIDDEF in libdefault.a 2021-05-11 18:27:07 +02:00
c64xpluscpuid.pl
context.c Add the concept of a child OSSL_LIB_CTX 2021-05-11 14:56:55 +01:00
core_algorithm.c Add type_name member to provided methods and use it 2021-04-26 12:05:05 +02:00
core_fetch.c Update copyright year 2021-01-28 13:54:57 +01:00
core_namemap.c Add the ability for ex_data to have a priority 2021-05-11 14:56:55 +01:00
cpt_err.c Update copyright year 2021-05-06 13:03:23 +01:00
cpuid.c Refactor CPUID code 2021-04-02 16:39:13 +02:00
cryptlib.c Refactor CPUID code 2021-04-02 16:39:13 +02:00
ctype.c Update copyright year 2021-04-08 13:04:41 +01:00
cversion.c
der_writer.c
dllmain.c
ebcdic.c
ex_data.c Add the ability for ex_data to have a priority 2021-05-11 14:56:55 +01:00
getenv.c
ia64cpuid.S
info.c
init.c Add RUN_ONCE support to zlib init 2021-04-22 17:41:55 +02:00
initthread.c Add the ability for ex_data to have a priority 2021-05-11 14:56:55 +01:00
mem.c
mem_clr.c
mem_sec.c Update copyright year 2021-04-08 13:04:41 +01:00
mips_arch.h
o_dir.c
o_fopen.c
o_init.c
o_str.c Update copyright year 2021-04-08 13:04:41 +01:00
o_time.c Update copyright year 2021-03-11 13:27:36 +00:00
packet.c
param_build.c Replace OSSL_PARAM_BLD_free_params() with OSSL_PARAM_free(). 2021-04-12 16:55:30 +10:00
param_build_set.c Update copyright year 2021-03-11 13:27:36 +00:00
params.c Fix potential NULL dereference in OSSL_PARAM_get_utf8_string() 2021-04-22 16:46:20 +02:00
params_dup.c params_dup: fix off by one error that allows array overreach. 2021-04-21 08:57:42 +10:00
params_from_text.c params: fix coverity 1473069: unchecked return values 2021-03-26 08:46:02 +10:00
pariscid.pl
passphrase.c
ppc_arch.h
ppccap.c bn: Add fixed length (n=6), unrolled PPC Montgomery Multiplication 2021-05-08 20:39:29 +10:00
ppccpuid.pl
provider.c Add support for child provider to up_ref/free their parent 2021-05-11 14:59:43 +01:00
provider_child.c Don't convert pre-existing providers into children 2021-05-11 15:03:13 +01:00
provider_conf.c Add support for child provider to up_ref/free their parent 2021-05-11 14:59:43 +01:00
provider_core.c Exclude child provider code from the FIPS module 2021-05-11 15:03:13 +01:00
provider_local.h Update copyright year 2021-04-08 13:04:41 +01:00
provider_predefined.c Update copyright year 2021-04-08 13:04:41 +01:00
punycode.c
s390x_arch.h
s390xcap.c
s390xcpuid.pl
self_test_core.c Add the ability for ex_data to have a priority 2021-05-11 14:56:55 +01:00
sparc_arch.h
sparccpuid.S
sparcv9cap.c
sparse_array.c Update copyright year 2021-04-08 13:04:41 +01:00
threads_lib.c Fix no-threads 2020-12-14 10:45:27 +10:00
threads_none.c Update copyright year 2021-04-08 13:04:41 +01:00
threads_pthread.c Always check CRYPTO_LOCK_{read,write}_lock 2021-03-14 15:33:34 +10:00
threads_win.c Always check CRYPTO_LOCK_{read,write}_lock 2021-03-14 15:33:34 +10:00
trace.c Update copyright year 2021-04-08 13:04:41 +01:00
uid.c
vms_rms.h
x86_64cpuid.pl Update copyright year 2021-04-08 13:04:41 +01:00
x86cpuid.pl