The patch below reverts the prior commit to eliminate SSL_set_state().

Some additional work or research is required in order to pass the perl-framework regressions, but I don't have the cycles and don't care to leave the broken code in cvs HEAD. REVERTING: wrowe 2003/05/19 08:13:19 Modified: modules/ssl config.m4 ssl_engine_io.c ssl_engine_kernel.c ssl_toolkit_compat.h Log: Drop SSL_set_state() in favor of a proper SSL_renegotiate() to begin rehandshaking the SSL connection, vis-a-vis ApacheSSL. Revision Changes Path 1.15 +0 -1 httpd-2.0/modules/ssl/config.m4 1.108 +1 -1 httpd-2.0/modules/ssl/ssl_engine_io.c 1.93 +1 -1 httpd-2.0/modules/ssl/ssl_engine_kernel.c 1.34 +0 -6 httpd-2.0/modules/ssl/ssl_toolkit_compat.h git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100004 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2003-05-22 19:41:32 +00:00
parent 00ccedee3d
commit 26f1ba8050
4 changed files with 17 additions and 2 deletions
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -712,7 +712,11 @@ int ssl_hook_Access(request_rec *r)
            ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
                         "Awaiting re-negotiation handshake");

-            SSL_renegotiate(ssl);
+            /* XXX: Should replace SSL_set_state with SSL_renegotiate(ssl);
+             * However, this causes failures in perl-framework currently, 
+             * perhaps pre-test if we have already negotiated?
+             */
+            SSL_set_state(ssl, SSL_ST_ACCEPT);
            SSL_do_handshake(ssl);

            if (SSL_get_state(ssl) != SSL_ST_OK) {