You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2022/11/29 13:21:06 UTC

svn commit: r1905607 - in /httpd/httpd/branches/2.4.x: CHANGES modules/ssl/mod_ssl.c test/modules/proxy/test_01_http.py

Author: covener
Date: Tue Nov 29 13:21:06 2022
New Revision: 1905607

URL: http://svn.apache.org/viewvc?rev=1905607&view=rev
Log:


Merge r1903167  from trunk:

  *) mod_ssl: fix for PR66190.

Submitted by: icing
Reviewed by: icing, rpluem, ylavic

Github: closes #326

Modified:
    httpd/httpd/branches/2.4.x/CHANGES
    httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c
    httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Nov 29 13:21:06 2022
@@ -1,6 +1,12 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.55
 
+  *) mod_ssl: when a proxy connection had handled a request using SSL, an
+     error was logged when "SSLProxyEngine" was only configured in the
+     location/proxy section and not the overall server. The connection
+     continued to work, the error log was in error. Fixed PR66190.
+     [Stefan Eissing]
+
   *) mod_http2: Export mod_http2.h as public header. [Stefan Eissing]
 
   *) mod_md: a new directive `MDStoreLocks` can be used on cluster

Modified: httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c Tue Nov 29 13:21:06 2022
@@ -548,6 +548,13 @@ static int ssl_hook_ssl_bind_outgoing(co
     int status;
 
     sslconn = ssl_init_connection_ctx(c, per_dir_config, 1);
+    if (sslconn->ssl) {
+        /* we are already bound to this connection. We have rebound
+         * or removed the reference to a previous per_dir_config,
+         * there is nothing more to do. */
+        return OK;
+    }
+
     status = ssl_engine_status(c, sslconn);
     if (enable_ssl) {
         if (status != OK) {

Modified: httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py (original)
+++ httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py Tue Nov 29 13:21:06 2022
@@ -71,7 +71,6 @@ class TestProxyHttp:
         assert r.response["status"] == 200
         assert r.json['host'] == seen
 
-    @pytest.mark.skip(reason="needs backport of r1903167")
     def test_proxy_01_003(self, env):
         domain = f"test1.{env.http_tld}"
         conf = HttpdConf(env)