You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2018/08/28 12:42:21 UTC
svn commit: r1839442 - /httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
Author: ylavic
Date: Tue Aug 28 12:42:21 2018
New Revision: 1839442
URL: http://svn.apache.org/viewvc?rev=1839442&view=rev
Log:
mod_proxy: follow up to r1645529: 502 in case of SSL handshake failure.
Make the SSL filters chain return an error when the handshake fails with an
origin server. It can then be caught by mod_proxy to fail with 502.
Modified:
httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=1839442&r1=1839441&r2=1839442&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Tue Aug 28 12:42:21 2018
@@ -1017,14 +1017,10 @@ static apr_status_t ssl_io_filter_error(
break;
case MODSSL_ERROR_BAD_GATEWAY:
- /* Send an error bucket, though the proxy currently has no
- * special handling for error buckets and ignores this. */
- bucket = ap_bucket_error_create(HTTP_BAD_GATEWAY, NULL,
- f->c->pool,
- f->c->bucket_alloc);
ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c, APLOGNO(01997)
"SSL handshake failed: sending 502");
- break;
+ f->c->aborted = 1;
+ return APR_EGENERAL;
default:
return status;