Does changing this one line implement persistent keep-alive connections?

After the appropriate initializations, here's an infinite loop to service incoming HTTPS requests, but only one connection per request (and assuming requests need only one read):

while TRUE do
  begin  // wait for incoming TCP connection
  if listen(listen_socket, 100)  0 then continue; // listen failed
  client_len := SizeOf(sa_cli);
  sock := accept(listen_socket, @sa_cli, @client_len); // create socket for connection
  if sock = INVALID_SOCKET then continue; // accept failed
  ssl := SSL_new(ctx); // TCP connection ready, create ssl structure
  if assigned(ssl) then
    begin
    SSL_set_fd(ssl, sock); // assign socket to ssl structure
    if SSL_accept(ssl) = 1 then // handshake worked
      begin
      bytesin := SSL_read(ssl, buffer, sizeof(buffer)-1);
      if bytesin > 0 then
        begin
        buffer[bytesin] := #0;
        // decide on response here...
        response := 'HTTP/1.0 200 OK'#13#10 + etc;
        SSL_write(ssl, pchar(response)^, length(response));
        end; // else read empty or failed
      end; // else handshake failed
    SSL_set_shutdown(ssl, SSL_SENT_SHUTDOWN or SSL_RECEIVED_SHUTDOWN);
    CloseSocket(sock);
    SSL_free(ssl);
    end; // else ssl creation failed
  end; // while

Is changing

if ssl_accept(ssl) = 1 then

to

while ssl_accept(ssl) = 1 do

all that's nee开发者_如何学编程ded to correctly support default HTTP 1.1 keep-alive (ie, multiple requests per connection)?

No. ssl_new() and ssl_accept() should be called only once per connection. Once a connection and negotiated an SSL session, there is no need to do it again. HTTP keep-alives are designed to avoid having to reconnect on each request. You need to loop your calls to ssl_read() and SSL_write() instead.

Also, don't forget to check the client's HTTP version. HTTP 1.1 clients are expected to support keep-alives by default without having to ask for them. HTTP 1.0 and earlier clients have to explicitly include a 'Connection: keep-alive' request header instead. Either way, the server needs to send a 'Connection: close' or 'Connection: keep-alive' response header to inform the client whether the connection is being closed or is being kept open, respectively.

Basically, you need to implement this kind of model (pseudo-code):

while True do
begin
  accept an incoming connection...

  initialize SSL...

  repeat
    read a request...
    if not Connected then Break;

    KeepAlive := ((client is HTTP1.1+) and (request['Connection'] = '')) or (request['Connection'] = 'keep-alive');

    prepare reply...
    response['Connection'] := iif(KeepAlive, 'keep-alive', 'close');

    send reply...

  while KeepAlive and Connected;

  cleanup SSL...
  close socket...
end;