You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2010/12/29 10:43:56 UTC
svn commit: r1053584 - /httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
Author: rpluem
Date: Wed Dec 29 09:43:56 2010
New Revision: 1053584
URL: http://svn.apache.org/viewvc?rev=1053584&view=rev
Log:
* Fix r1039304 and make the patch similar to the one proposed for
2.2.x: If the SSL handshake to the backend fails we cannot even
sent an HTTP request. So the check needs to happen already when
we sent data not when we receive data.
Modified:
httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
Modified: httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?rev=1053584&r1=1053583&r2=1053584&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy_http.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy_http.c Wed Dec 29 09:43:56 2010
@@ -271,10 +271,16 @@ static int pass_brigade(apr_bucket_alloc
ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
"proxy: pass request body failed to %pI (%s)",
conn->addr, conn->hostname);
- if (origin->aborted) {
+ if (origin->aborted) {
+ if (strcmp(apr_table_get(origin->notes,
+ "SSL_connect_rv"), "err") == 0) {
+ return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR,
+ "Error during SSL Handshake with"
+ " remote server");
+ }
return APR_STATUS_IS_TIMEUP(status) ? HTTP_GATEWAY_TIME_OUT : HTTP_BAD_GATEWAY;
}
- else {
+ else {
return HTTP_BAD_REQUEST;
}
}
@@ -1469,12 +1475,6 @@ apr_status_t ap_proxy_http_process_respo
return ap_proxyerror(r, HTTP_SERVICE_UNAVAILABLE, "Timeout on 100-Continue");
}
}
- else if (strcmp(apr_table_get(backend->connection->notes,
- "SSL_connect_rv"), "err") == 0) {
- return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR,
- "Error during SSL Handshake with"
- " remote server");
- }
/*
* If we are a reverse proxy request shutdown the connection
* WITHOUT ANY response to trigger a retry by the client