www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Fix issue where mod_ssl does not pick up the ssl-unclean-shutdown

Browse Source 
setting when configured e.g. as a reverse proxy:

* modules/ssl/ssl_private.h: Remove ssl_hook_Translate.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_ReadReq): Merge in
ssl_hook_Translate.  (ssl_hook_Translate): Remove.

* modules/ssl/mod_ssl.c (ssl_register_hooks): Ensure that _ReadReq
hook runs after mod_setenvif.c; don't register translate_name hook.

PR: 34452


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@161958 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Joe Orton
2005-04-19 20:02:09 +00:00
parent cda74843ef
commit 645809dbba
3 changed files with 32 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/ssl/mod_ssl.c
View File

@@ -478,6 +478,10 @@ static void ssl_hook_Insert_Filter(request_rec *r)
static void ssl_register_hooks(apr_pool_t *p) static void ssl_register_hooks(apr_pool_t *p)
{ {
/* ssl_hook_ReadReq needs to use the BrowserMatch settings so must
* run after mod_setenvif's post_read_request hook. */
static const char *pre_prr[] = { "mod_setenvif.c", NULL };
ssl_io_filter_register(p); ssl_io_filter_register(p);
ap_hook_pre_connection(ssl_hook_pre_connection,NULL,NULL, APR_HOOK_MIDDLE); ap_hook_pre_connection(ssl_hook_pre_connection,NULL,NULL, APR_HOOK_MIDDLE);
@@ -487,12 +491,11 @@ static void ssl_register_hooks(apr_pool_t *p)
ap_hook_default_port (ssl_hook_default_port, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_default_port (ssl_hook_default_port, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_pre_config (ssl_hook_pre_config, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_pre_config (ssl_hook_pre_config, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_child_init (ssl_init_Child, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_child_init (ssl_init_Child, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_translate_name(ssl_hook_Translate, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_check_user_id (ssl_hook_UserCheck, NULL,NULL, APR_HOOK_FIRST); ap_hook_check_user_id (ssl_hook_UserCheck, NULL,NULL, APR_HOOK_FIRST);
ap_hook_fixups (ssl_hook_Fixup, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_fixups (ssl_hook_Fixup, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_access_checker(ssl_hook_Access, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_access_checker(ssl_hook_Access, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_auth_checker (ssl_hook_Auth, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_auth_checker (ssl_hook_Auth, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_post_read_request(ssl_hook_ReadReq, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_post_read_request(ssl_hook_ReadReq, pre_prr,NULL, APR_HOOK_MIDDLE);
ap_hook_insert_filter (ssl_hook_Insert_Filter, NULL,NULL, APR_HOOK_MIDDLE); ap_hook_insert_filter (ssl_hook_Insert_Filter, NULL,NULL, APR_HOOK_MIDDLE);
/* ap_hook_handler (ssl_hook_Upgrade, NULL,NULL, APR_HOOK_MIDDLE); */ /* ap_hook_handler (ssl_hook_Upgrade, NULL,NULL, APR_HOOK_MIDDLE); */

64
modules/ssl/ssl_engine_kernel.c
View File

@@ -30,6 +30,8 @@
-- Unknown */ -- Unknown */
#include "ssl_private.h" #include "ssl_private.h"
static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
/* /*
* Post Read Request Handler * Post Read Request Handler
*/ */
@@ -81,8 +83,31 @@ int ssl_hook_ReadReq(request_rec *r)
* Get the SSL connection structure and perform the * Get the SSL connection structure and perform the
* delayed interlinking from SSL back to request_rec * delayed interlinking from SSL back to request_rec
*/ */
if ((ssl = sslconn->ssl)) { ssl = sslconn->ssl;
SSL_set_app_data2(ssl, r); if (!ssl) {
return DECLINED;
}
SSL_set_app_data2(ssl, r);
/*
* Log information about incoming HTTPS requests
*/
if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
"%s HTTPS request received for child %ld (server %s)",
(r->connection->keepalives <= 0 ?
"Initial (No.1)" :
apr_psprintf(r->pool, "Subsequent (No.%d)",
r->connection->keepalives+1)),
r->connection->id,
ssl_util_vhostid(r->pool, r->server));
}
/* SetEnvIf ssl-*-shutdown flags can only be per-server,
* so they won't change across keepalive requests
*/
if (sslconn->shutdown_type == SSL_SHUTDOWN_TYPE_UNSET) {
ssl_configure_env(r, sslconn);
} }
return DECLINED; return DECLINED;
@@ -125,41 +150,6 @@ static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn)
} }
} }
/*
* URL Translation Handler
*/
int ssl_hook_Translate(request_rec *r)
{
SSLConnRec *sslconn = myConnConfig(r->connection);
if (!(sslconn && sslconn->ssl)) {
return DECLINED;
}
/*
* Log information about incoming HTTPS requests
*/
if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
"%s HTTPS request received for child %ld (server %s)",
(r->connection->keepalives <= 0 ?
"Initial (No.1)" :
apr_psprintf(r->pool, "Subsequent (No.%d)",
r->connection->keepalives+1)),
r->connection->id,
ssl_util_vhostid(r->pool, r->server));
}
/* SetEnvIf ssl-*-shutdown flags can only be per-server,
* so they won't change across keepalive requests
*/
if (sslconn->shutdown_type == SSL_SHUTDOWN_TYPE_UNSET) {
ssl_configure_env(r, sslconn);
}
return DECLINED;
}
/* /*
* Access Handler * Access Handler
*/ */

1
modules/ssl/ssl_private.h
View File

@@ -531,7 +531,6 @@ void ssl_init_Child(apr_pool_t *, server_rec *);
apr_status_t ssl_init_ModuleKill(void *data); apr_status_t ssl_init_ModuleKill(void *data);
/* Apache API hooks */ /* Apache API hooks */
int ssl_hook_Translate(request_rec *);
int ssl_hook_Auth(request_rec *); int ssl_hook_Auth(request_rec *);
int ssl_hook_UserCheck(request_rec *); int ssl_hook_UserCheck(request_rec *);
int ssl_hook_Access(request_rec *); int ssl_hook_Access(request_rec *);