You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2020/08/17 12:32:19 UTC
svn commit: r1880927 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Author: jorton
Date: Mon Aug 17 12:32:19 2020
New Revision: 1880927
URL: http://svn.apache.org/viewvc?rev=1880927&view=rev
Log:
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Move
fill_reneg_buffer() call down after r->connection->master
check.
Modified:
httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1880927&r1=1880926&r2=1880927&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Mon Aug 17 12:32:19 2020
@@ -1146,16 +1146,6 @@ static int ssl_hook_Access_modern(reques
/* Fill reneg buffer if required. */
if (change_vmode) {
- rc = fill_reneg_buffer(r, dc);
- if (rc) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10228)
- "could not buffer message body to allow "
- "TLS Post-Handshake Authentication to proceed");
- return rc;
- }
- }
-
- if (change_vmode) {
char peekbuf[1];
if (r->connection->master) {
@@ -1167,6 +1157,14 @@ static int ssl_hook_Access_modern(reques
return HTTP_FORBIDDEN;
}
+ rc = fill_reneg_buffer(r, dc);
+ if (rc) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10228)
+ "could not buffer message body to allow "
+ "TLS Post-Handshake Authentication to proceed");
+ return rc;
+ }
+
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(10129)
"verify client post handshake");