You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by mi...@apache.org on 2016/03/08 00:40:17 UTC

svn commit: r1734006 - in /httpd/httpd/trunk: CHANGES modules/ssl/mod_ssl.c

Author: minfrin
Date: Mon Mar  7 23:40:17 2016
New Revision: 1734006

URL: http://svn.apache.org/viewvc?rev=1734006&view=rev
Log:
mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake()
hook returns an error.

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/ssl/mod_ssl.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1734006&r1=1734005&r2=1734006&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Mon Mar  7 23:40:17 2016
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake()
+     hook returns an error. [Graham Leggett]
+
   *) ab: Use caseless matching for HTTP tokens (e.g. content-length). PR 59111.
      [Yann Ylavic]
 

Modified: httpd/httpd/trunk/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl.c?rev=1734006&r1=1734005&r2=1734006&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/trunk/modules/ssl/mod_ssl.c Mon Mar  7 23:40:17 2016
@@ -492,7 +492,7 @@ int ssl_init_ssl_connection(conn_rec *c,
      * attach this to the socket. Additionally we register this attachment
      * so we can detach later.
      */
-    if (!(ssl = SSL_new(mctx->ssl_ctx))) {
+    if (!(sslconn->ssl = ssl = SSL_new(mctx->ssl_ctx))) {
         ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(01962)
                       "Unable to create a new SSL connection from the SSL "
                       "context");
@@ -526,8 +526,6 @@ int ssl_init_ssl_connection(conn_rec *c,
     SSL_set_app_data(ssl, c);
     modssl_set_app_data2(ssl, NULL); /* will be request_rec */
 
-    sslconn->ssl = ssl;
-
     SSL_set_verify_result(ssl, X509_V_OK);
 
     ssl_io_filter_init(c, r, ssl);