A Google Chrome POST breaks this SSL_read. Anyone have code that works?

Question

I need a minimal SSL server and came up with the following:

confirm(WSAStartup(MakeWord(1,1), WData) = 0);
SSL_library_init;
SSL_load_error_stri         


        

Answer 1

You need to remember, that TCP is stream-based, and single call to Read can return whatever piece of data it can, and this can be for example half of the header, or a header + a bit of the post data or anything between. You can't expect one read to return the complete data.

Consequently your only option is the following algorithm:

1. read something.
2. check if you've got a complete header inside.
3. If you got a header, check if it contains Content-Length (some posts might not contain it)
4. If you have Content-length, keep reading from the socket up to Content-length, then process the complete request.
5. If you don't have Content-length, then you have to deal with chunked encoding. This is a complex thing to handle which is far beyond the scope of SO question.

If I were you, I would take some existing HTTP/HTTPS server implementation. Obvious options are Indy + SSL layer or HTTPBlackbox server package of our SecureBlackbox.

Answer 2

I modified OpenSSL s_server.c, which now does the trick, and posted it as the answer to Question 7080958.