You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by gb...@apache.org on 2023/04/03 09:03:52 UTC
svn commit: r1908936 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Author: gbechis
Date: Mon Apr 3 09:03:51 2023
New Revision: 1908936
URL: http://svn.apache.org/viewvc?rev=1908936&view=rev
Log:
SSL_do_handshake can fail with 0 or <0 status codes.
spotted and fixed by rpluem@
Modified:
httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1908936&r1=1908935&r2=1908936&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Mon Apr 3 09:03:51 2023
@@ -997,7 +997,7 @@ static int ssl_hook_Access_classic(reque
* handshake to proceed. */
modssl_set_reneg_state(sslconn, RENEG_ALLOW);
- if(!SSL_renegotiate(ssl) || !SSL_do_handshake(ssl) || !SSL_is_init_finished(ssl)) {
+ if(!SSL_renegotiate(ssl) || (SSL_do_handshake(ssl) != 1) || !SSL_is_init_finished(ssl)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02225)
"Re-negotiation request failed");
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);