You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by gb...@apache.org on 2023/04/03 09:03:52 UTC

svn commit: r1908936 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Author: gbechis
Date: Mon Apr  3 09:03:51 2023
New Revision: 1908936

URL: http://svn.apache.org/viewvc?rev=1908936&view=rev
Log:
SSL_do_handshake can fail with 0 or <0 status codes.
spotted and fixed by rpluem@

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1908936&r1=1908935&r2=1908936&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Mon Apr  3 09:03:51 2023
@@ -997,7 +997,7 @@ static int ssl_hook_Access_classic(reque
              * handshake to proceed. */
             modssl_set_reneg_state(sslconn, RENEG_ALLOW);
 
-            if(!SSL_renegotiate(ssl) || !SSL_do_handshake(ssl) || !SSL_is_init_finished(ssl)) {
+            if(!SSL_renegotiate(ssl) || (SSL_do_handshake(ssl) != 1) || !SSL_is_init_finished(ssl)) {
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02225)
                               "Re-negotiation request failed");
                 ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);