Re: [Libevent-users] [PATCH] Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.

2013-03-11 Thread Alexey Ozeritsky 
Hello,

I've added support of POST requests to sample/https-client.c:
https://github.com/resetius/libevent/commit/c5887f73b707a7e95b986a0c5eede80ef7741d09

This is useful to reproduce the bug 
http://sourceforge.net/tracker/index.php?func=detail&aid=3526934&group_id=50884&atid=461322

$ ls -l *K *M
-rw-rw-r-- 1 statbox statbox 104857600 Mar 11 14:23 100M
-rw-rw-r-- 1 statbox statbox  10485760 Mar 11 14:20 10M
-rw-rw-r-- 1 statbox statbox   1048576 Mar 11 14:20 1M
-rw-rw-r-- 1 statbox statbox  4096 Mar 11 14:23 4K
-rw-rw-r-- 1 statbox statbox524288 Mar 11 14:21 512K

curl works fine:

$ curl -k --data-binary @4K https://localhost/proxy
OK

$ curl -k --data-binary @512K https://localhost/proxy
OK

$ curl -k --data-binary @10M https://localhost/proxy
OK

libevent does something wrong:

$ ./sample/https-client -url https://localhost/proxy -data 4K -ignore-cert
Response line: 200 OK
OK

$ ./sample/https-client -url https://localhost/proxy -data 512K -ignore-cert
Response line: 502 Bad Gateway

502 Bad Gateway

502 Bad Gateway
nginx/1.2.1



$ ./sample/https-client -url https://localhost/proxy -data 10M -ignore-cert
some request failed - no idea which one though!
socket error = Resource temporarily unavailable (11)

nginx config:
server {
listen   [::]:443;
server_name  localhost;

access_log  /var/log/nginx/localhost.ssl.access.log;

ssl   on;
ssl_protocols SSLv3;
ssl_ciphers   AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;

ssl_certificate  /etc/nginx/certs/storage.server.crt;
ssl_certificate_key  /etc/nginx/certs/storage.server.key;
ssl_session_cache off;

location /proxy {
proxy_pass   http://127.0.0.1:8000;
client_max_body_size 1024m;
}
}

server code:
#!/usr/bin/python
import sys
import BaseHTTPServer


class myHandler(BaseHTTPServer.BaseHTTPRequestHandler):
def do_GET(self):
self.send_response(200)
self.end_headers()
self.wfile.write("OK\n")

def do_POST(self):
self.do_GET()

HandlerClass = myHandler
ServerClass  = BaseHTTPServer.HTTPServer
Protocol = "HTTP/1.0"

if sys.argv[1:]:
port = int(sys.argv[1])
else:
port = 8000
server_address = ('127.0.0.1', port)

HandlerClass.protocol_version = Protocol
httpd = ServerClass(server_address, HandlerClass)

sa = httpd.socket.getsockname()
print "Serving HTTP on", sa[0], "port", sa[1], "..."
httpd.serve_forever()



20.02.2013, 00:05, "Nick Mathewson" :
> On Tue, Feb 19, 2013 at 12:22 PM, Catalin Patulea  wrote:
>
>>  Signed-off-by: Catalin Patulea 
>>  ---
>>   .gitignore    |   1 +
>>   sample/https-client.c | 207 
>> ++
>>   sample/include.am |   5 ++
>>   3 files changed, 213 insertions(+)
>>   create mode 100644 sample/https-client.c
>
> Looks like a good start!
>
> Patrick, do you have time to have a look at this?  I'm hoping you'll
> have some ideas of whether or not this is the right way to write this.
>
> Some initial comments:
>
>    * It could sure use comments!
>
>    * This is dangerous code; it doesn't do any certificate validation
> so far as I can see, and as such gets zero protection from
> man-in-the-middle attacks.  People who don't know how to use TLS will
> be copying our examples here, so we need to make sure to get the
> security right.
> ***
> To unsubscribe, send an e-mail to majord...@freehaven.net with
> unsubscribe libevent-users    in the body.
***
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-usersin the body.

Re: [Libevent-users] [PATCH] Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.

2013-03-11 Thread Alexey Ozeritsky 


11.03.2013, 19:31, "Oscar Koeroo" :
> On 11-03-13 16:00, Alexey Ozeritsky wrote:
>
>>  libevent does something wrong:
>>
>>  $ ./sample/https-client -url https://localhost/proxy -data 4K -ignore-cert
>>  Response line: 200 OK
>>  OK
>>
>>  $ ./sample/https-client -url https://localhost/proxy -data 512K -ignore-cert
>>  Response line: 502 Bad Gateway
>>  
>>  502 Bad Gateway
>>  
>>  502 Bad Gateway
>>  nginx/1.2.1
>>  
>>  
>
> Perhaps silly, but can you test again by adding a slash to the URL
> provided?
>
> i.e.: "https://localhost/proxy/"; instead of "https://localhost/proxy";
>
> Curl might add the missing slash making an exact match on the URL to
> succeed there.

the same

4K -- ok
512K -- 502 Bad Gateway
10M -- Resource temporarily unavailable (11)

python backend log:
...
localhost - - [11/Mar/2013 19:38:15] "POST /proxy/ HTTP/1.0" 200 -
localhost - - [11/Mar/2013 19:38:17] "POST /proxy/ HTTP/1.0" 200 -
localhost - - [11/Mar/2013 19:38:22] "POST /proxy/ HTTP/1.0" 200 -
...

nginx error.log:
..
2013/03/11 19:38:22 [error] 24256#0: *120 sendfile() failed (32: Broken pipe) 
while sending request to upstream, client: :::127.0.0.1, server: localhost, 
request: "POST /proxy/ HTTP/1.1", upstream: "http://127.0.0.1:8000/proxy/";, 
host: "localhost"
..
nginx access.log:
:::127.0.0.1 - - [11/Mar/2013:19:38:15 +0400] "POST /proxy/ HTTP/1.1" 200 
13 "-" "-"
:::127.0.0.1 - - [11/Mar/2013:19:38:22 +0400] "POST /proxy/ HTTP/1.1" 502 
172 "-" "-"
:::127.0.0.1 - - [11/Mar/2013:19:39:16 +0400] "POST /proxy/ HTTP/1.1" 400 0 
"-" "-"


>
> Oscar
***
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-usersin the body.

Re: [Libevent-users] [PATCH] Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.

2013-03-11 Thread Oscar Koeroo 
On 11-03-13 16:00, Alexey Ozeritsky wrote:
> libevent does something wrong:
> 
> $ ./sample/https-client -url https://localhost/proxy -data 4K -ignore-cert
> Response line: 200 OK
> OK
> 
> $ ./sample/https-client -url https://localhost/proxy -data 512K -ignore-cert
> Response line: 502 Bad Gateway
> 
> 502 Bad Gateway
> 
> 502 Bad Gateway
> nginx/1.2.1
> 
> 

Perhaps silly, but can you test again by adding a slash to the URL
provided?

i.e.: "https://localhost/proxy/"; instead of "https://localhost/proxy";

Curl might add the missing slash making an exact match on the URL to
succeed there.


Oscar



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Libevent-users] [PATCH] Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.

2013-03-11 Thread Azat Khuzhin 
With my libevent version 512KiB transmitted succesfully.

azat:.../libevent/sample (https)$ tr -dc A-Za-z0-9 | ../../data.512.kb
azat:.../libevent/sample (https)$ ./https-client -url
https://127.0.0.1/proxy -data ../../data.512.kb -ignore-cert
Response line: 200 OK
OK

But 4MiB:
azat:.../libevent/sample (https)$ tr -dc A-Za-z0-9 | ../../data.4.mb
azat:.../libevent/sample (https)$ ./https-client -url
https://127.0.0.1/proxy -data ../../data.4.mb -ignore-cert
some request failed - no idea which one though!
socket error = Resource temporarily unavailable (11)

Why version libevent do you have?

On Mon, Mar 11, 2013 at 7:42 PM, Alexey Ozeritsky  wrote:
>
>
> 11.03.2013, 19:31, "Oscar Koeroo" :
>> On 11-03-13 16:00, Alexey Ozeritsky wrote:
>>
>>>  libevent does something wrong:
>>>
>>>  $ ./sample/https-client -url https://localhost/proxy -data 4K -ignore-cert
>>>  Response line: 200 OK
>>>  OK
>>>
>>>  $ ./sample/https-client -url https://localhost/proxy -data 512K 
>>> -ignore-cert
>>>  Response line: 502 Bad Gateway
>>>  
>>>  502 Bad Gateway
>>>  
>>>  502 Bad Gateway
>>>  nginx/1.2.1
>>>  
>>>  
>>
>> Perhaps silly, but can you test again by adding a slash to the URL
>> provided?
>>
>> i.e.: "https://localhost/proxy/"; instead of "https://localhost/proxy";
>>
>> Curl might add the missing slash making an exact match on the URL to
>> succeed there.
>
> the same
>
> 4K -- ok
> 512K -- 502 Bad Gateway
> 10M -- Resource temporarily unavailable (11)
>
> python backend log:
> ...
> localhost - - [11/Mar/2013 19:38:15] "POST /proxy/ HTTP/1.0" 200 -
> localhost - - [11/Mar/2013 19:38:17] "POST /proxy/ HTTP/1.0" 200 -
> localhost - - [11/Mar/2013 19:38:22] "POST /proxy/ HTTP/1.0" 200 -
> ...
>
> nginx error.log:
> ..
> 2013/03/11 19:38:22 [error] 24256#0: *120 sendfile() failed (32: Broken pipe) 
> while sending request to upstream, client: :::127.0.0.1, server: 
> localhost, request: "POST /proxy/ HTTP/1.1", upstream: 
> "http://127.0.0.1:8000/proxy/";, host: "localhost"
> ..
> nginx access.log:
> :::127.0.0.1 - - [11/Mar/2013:19:38:15 +0400] "POST /proxy/ HTTP/1.1" 200 
> 13 "-" "-"
> :::127.0.0.1 - - [11/Mar/2013:19:38:22 +0400] "POST /proxy/ HTTP/1.1" 502 
> 172 "-" "-"
> :::127.0.0.1 - - [11/Mar/2013:19:39:16 +0400] "POST /proxy/ HTTP/1.1" 400 
> 0 "-" "-"
>
>
>>
>> Oscar
> ***
> To unsubscribe, send an e-mail to majord...@freehaven.net with
> unsubscribe libevent-usersin the body.



--
Respectfully
Azat Khuzhin
Primary email a3at.m...@gmail.com
***
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-usersin the body.

Re: [Libevent-users] [PATCH] Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.

2013-03-11 Thread Azat Khuzhin 
On Mon, Mar 11, 2013 at 11:22 PM, Azat Khuzhin  wrote:
> With my libevent version 512KiB transmitted succesfully.
>
> azat:.../libevent/sample (https)$ tr -dc A-Za-z0-9  head -c$((512 * 1024) >| ../../data.512.kb
> azat:.../libevent/sample (https)$ ./https-client -url
> https://127.0.0.1/proxy -data ../../data.512.kb -ignore-cert
> Response line: 200 OK
> OK
>
> But 4MiB:
> azat:.../libevent/sample (https)$ tr -dc A-Za-z0-9  head -c$((4096 * 1024)) >| ../../data.4.mb
> azat:.../libevent/sample (https)$ ./https-client -url
> https://127.0.0.1/proxy -data ../../data.4.mb -ignore-cert
> some request failed - no idea which one though!
> socket error = Resource temporarily unavailable (11)
>
> Why version libevent do you have?

*what

>
> On Mon, Mar 11, 2013 at 7:42 PM, Alexey Ozeritsky  
> wrote:
>>
>>
>> 11.03.2013, 19:31, "Oscar Koeroo" :
>>> On 11-03-13 16:00, Alexey Ozeritsky wrote:
>>>
  libevent does something wrong:

  $ ./sample/https-client -url https://localhost/proxy -data 4K -ignore-cert
  Response line: 200 OK
  OK

  $ ./sample/https-client -url https://localhost/proxy -data 512K 
 -ignore-cert
  Response line: 502 Bad Gateway
  
  502 Bad Gateway
  
  502 Bad Gateway
  nginx/1.2.1
  
  
>>>
>>> Perhaps silly, but can you test again by adding a slash to the URL
>>> provided?
>>>
>>> i.e.: "https://localhost/proxy/"; instead of "https://localhost/proxy";
>>>
>>> Curl might add the missing slash making an exact match on the URL to
>>> succeed there.
>>
>> the same
>>
>> 4K -- ok
>> 512K -- 502 Bad Gateway
>> 10M -- Resource temporarily unavailable (11)
>>
>> python backend log:
>> ...
>> localhost - - [11/Mar/2013 19:38:15] "POST /proxy/ HTTP/1.0" 200 -
>> localhost - - [11/Mar/2013 19:38:17] "POST /proxy/ HTTP/1.0" 200 -
>> localhost - - [11/Mar/2013 19:38:22] "POST /proxy/ HTTP/1.0" 200 -
>> ...
>>
>> nginx error.log:
>> ..
>> 2013/03/11 19:38:22 [error] 24256#0: *120 sendfile() failed (32: Broken 
>> pipe) while sending request to upstream, client: :::127.0.0.1, server: 
>> localhost, request: "POST /proxy/ HTTP/1.1", upstream: 
>> "http://127.0.0.1:8000/proxy/";, host: "localhost"
>> ..
>> nginx access.log:
>> :::127.0.0.1 - - [11/Mar/2013:19:38:15 +0400] "POST /proxy/ HTTP/1.1" 
>> 200 13 "-" "-"
>> :::127.0.0.1 - - [11/Mar/2013:19:38:22 +0400] "POST /proxy/ HTTP/1.1" 
>> 502 172 "-" "-"
>> :::127.0.0.1 - - [11/Mar/2013:19:39:16 +0400] "POST /proxy/ HTTP/1.1" 
>> 400 0 "-" "-"
>>
>>
>>>
>>> Oscar
>> ***
>> To unsubscribe, send an e-mail to majord...@freehaven.net with
>> unsubscribe libevent-usersin the body.
>
>
>
> --
> Respectfully
> Azat Khuzhin
> Primary email a3at.m...@gmail.com



-- 
Respectfully
Azat Khuzhin
Primary email a3at.m...@gmail.com
***
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-usersin the body.

Re: [Libevent-users] [PATCH] Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.

2013-03-11 Thread Azat Khuzhin 
Also I want to note that HTTP POST works fine with 100 MiB.
I added test to test/regress_http.c.
Nick do you think that it is need for libevent upstream?

Which I can not say about HTTPS.

On Mon, Mar 11, 2013 at 11:26 PM, Azat Khuzhin  wrote:
> On Mon, Mar 11, 2013 at 11:22 PM, Azat Khuzhin  wrote:
>> With my libevent version 512KiB transmitted succesfully.
>>
>> azat:.../libevent/sample (https)$ tr -dc A-Za-z0-9 > head -c$((512 * 1024) >| ../../data.512.kb
>> azat:.../libevent/sample (https)$ ./https-client -url
>> https://127.0.0.1/proxy -data ../../data.512.kb -ignore-cert
>> Response line: 200 OK
>> OK
>>
>> But 4MiB:
>> azat:.../libevent/sample (https)$ tr -dc A-Za-z0-9 > head -c$((4096 * 1024)) >| ../../data.4.mb
>> azat:.../libevent/sample (https)$ ./https-client -url
>> https://127.0.0.1/proxy -data ../../data.4.mb -ignore-cert
>> some request failed - no idea which one though!
>> socket error = Resource temporarily unavailable (11)
>>
>> Why version libevent do you have?
>
> *what
>
>>
>> On Mon, Mar 11, 2013 at 7:42 PM, Alexey Ozeritsky  
>> wrote:
>>>
>>>
>>> 11.03.2013, 19:31, "Oscar Koeroo" :
 On 11-03-13 16:00, Alexey Ozeritsky wrote:

>  libevent does something wrong:
>
>  $ ./sample/https-client -url https://localhost/proxy -data 4K 
> -ignore-cert
>  Response line: 200 OK
>  OK
>
>  $ ./sample/https-client -url https://localhost/proxy -data 512K 
> -ignore-cert
>  Response line: 502 Bad Gateway
>  
>  502 Bad Gateway
>  
>  502 Bad Gateway
>  nginx/1.2.1
>  
>  

 Perhaps silly, but can you test again by adding a slash to the URL
 provided?

 i.e.: "https://localhost/proxy/"; instead of "https://localhost/proxy";

 Curl might add the missing slash making an exact match on the URL to
 succeed there.
>>>
>>> the same
>>>
>>> 4K -- ok
>>> 512K -- 502 Bad Gateway
>>> 10M -- Resource temporarily unavailable (11)
>>>
>>> python backend log:
>>> ...
>>> localhost - - [11/Mar/2013 19:38:15] "POST /proxy/ HTTP/1.0" 200 -
>>> localhost - - [11/Mar/2013 19:38:17] "POST /proxy/ HTTP/1.0" 200 -
>>> localhost - - [11/Mar/2013 19:38:22] "POST /proxy/ HTTP/1.0" 200 -
>>> ...
>>>
>>> nginx error.log:
>>> ..
>>> 2013/03/11 19:38:22 [error] 24256#0: *120 sendfile() failed (32: Broken 
>>> pipe) while sending request to upstream, client: :::127.0.0.1, server: 
>>> localhost, request: "POST /proxy/ HTTP/1.1", upstream: 
>>> "http://127.0.0.1:8000/proxy/";, host: "localhost"
>>> ..
>>> nginx access.log:
>>> :::127.0.0.1 - - [11/Mar/2013:19:38:15 +0400] "POST /proxy/ HTTP/1.1" 
>>> 200 13 "-" "-"
>>> :::127.0.0.1 - - [11/Mar/2013:19:38:22 +0400] "POST /proxy/ HTTP/1.1" 
>>> 502 172 "-" "-"
>>> :::127.0.0.1 - - [11/Mar/2013:19:39:16 +0400] "POST /proxy/ HTTP/1.1" 
>>> 400 0 "-" "-"
>>>
>>>

 Oscar
>>> ***
>>> To unsubscribe, send an e-mail to majord...@freehaven.net with
>>> unsubscribe libevent-usersin the body.
>>
>>
>>
>> --
>> Respectfully
>> Azat Khuzhin
>> Primary email a3at.m...@gmail.com
>
>
>
> --
> Respectfully
> Azat Khuzhin
> Primary email a3at.m...@gmail.com



--
Respectfully
Azat Khuzhin
Primary email a3at.m...@gmail.com
***
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-usersin the body.