You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by do...@apache.org on 2002/04/02 19:30:09 UTC

cvs commit: httpd-2.0/modules/ssl mod_ssl.c ssl_engine_io.c

dougm       02/04/02 09:30:08

  Modified:    modules/ssl mod_ssl.c ssl_engine_io.c
  Log:
  Reviewed by:    Ryan Bloom
  ap_remove_output_filter no longer works for connection filters.
  change logic in the case of "HTTP spoken on HTTPS port" to disable the
  ssl filters rather than attempt to remove the filters.
  
  Revision  Changes    Path
  1.62      +2 -3      httpd-2.0/modules/ssl/mod_ssl.c
  
  Index: mod_ssl.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v
  retrieving revision 1.61
  retrieving revision 1.62
  diff -u -r1.61 -r1.62
  --- mod_ssl.c	30 Mar 2002 06:46:24 -0000	1.61
  +++ mod_ssl.c	2 Apr 2002 17:30:08 -0000	1.62
  @@ -416,10 +416,9 @@
                   /*
                    * The case where OpenSSL has recognized a HTTP request:
                    * This means the client speaks plain HTTP on our HTTPS port.
  -                 * Hmmmm...  Punt this out of here after removing our output
  -                 * filter.
  +                 * ssl_io_filter_error will disable the ssl filters when it
  +                 * sees this status code.
                    */
  -                ap_remove_output_filter(filter->pOutputFilter);
                   return HTTP_BAD_REQUEST;
               }
               else if ((SSL_get_error(filter->pssl, n) == SSL_ERROR_SYSCALL) &&
  
  
  
  1.71      +12 -0     httpd-2.0/modules/ssl/ssl_engine_io.c
  
  Index: ssl_engine_io.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_io.c,v
  retrieving revision 1.70
  retrieving revision 1.71
  diff -u -r1.70 -r1.71
  --- ssl_engine_io.c	30 Mar 2002 05:16:55 -0000	1.70
  +++ ssl_engine_io.c	2 Apr 2002 17:30:08 -0000	1.71
  @@ -743,6 +743,13 @@
                                  sizeof(HTTP_ON_HTTPS_PORT) - 1, \
                                  alloc)
   
  +static void ssl_io_filter_disable(ap_filter_t *f)
  +{
  +    ssl_io_input_ctx_t *ctx = f->ctx;
  +    ctx->inbio.ssl = NULL;
  +    ctx->frec->pssl = NULL;
  +}
  +
   static apr_status_t ssl_io_filter_error(ap_filter_t *f,
                                           apr_bucket_brigade *bb,
                                           apr_status_t status)
  @@ -758,6 +765,7 @@
   
               /* fake the request line */
               bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);
  +            ssl_io_filter_disable(f);
               break;
   
         default:
  @@ -780,6 +788,10 @@
   
       apr_size_t len = sizeof(ctx->buffer);
       int is_init = (mode == AP_MODE_INIT);
  +
  +    if (!ctx->inbio.ssl) {
  +        return ap_get_brigade(f->next, bb, mode, block, readbytes);
  +    }
   
       /* XXX: we don't currently support anything other than these modes. */
       if (mode != AP_MODE_READBYTES && mode != AP_MODE_GETLINE &&