From ea4d778cd6a938a68181dde024a2ee7889695bc3 Mon Sep 17 00:00:00 2001 From: Yann Ylavic Date: Wed, 1 Jul 2020 23:16:04 +0000 Subject: [PATCH] mod_ssl: release coalesced data when called from ap_filter_output_pending(). The purpose of ap_filter_output_pending() is to flush pending data, so ssl_io_filter_coalesce() should honor that. This allows mod_proxy to not care about mod_ssl coalescing filters when tunneling between connections. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1879416 13f79535-47bb-0310-9956-ffa450edef68 --- modules/proxy/proxy_util.c | 6 ------ modules/ssl/ssl_engine_io.c | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c index 8b99c5f8d2..7695817dcb 100644 --- a/modules/proxy/proxy_util.c +++ b/modules/proxy/proxy_util.c @@ -4327,12 +4327,6 @@ PROXY_DECLARE(apr_status_t) ap_proxy_tunnel_create(proxy_tunnel_rec **ptunnel, apr_socket_opt_set(tunnel->client->pfd->desc.s, APR_SO_NONBLOCK, 1); apr_socket_opt_set(tunnel->origin->pfd->desc.s, APR_SO_NONBLOCK, 1); - /* No coalescing filters */ - ap_remove_output_filter_byhandle(c_i->output_filters, - "SSL/TLS Coalescing Filter"); - ap_remove_output_filter_byhandle(c_o->output_filters, - "SSL/TLS Coalescing Filter"); - /* Bidirectional non-HTTP stream will confuse mod_reqtimeoout */ ap_remove_input_filter_byhandle(c_i->input_filters, "reqtimeout"); diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c index 4bcf5e9dec..9ea36a5658 100644 --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c @@ -1715,6 +1715,20 @@ static apr_status_t ssl_io_filter_coalesce(ap_filter_t *f, apr_size_t buffered = ctx ? ctx->bytes : 0; /* space used on entry */ unsigned count = 0; + /* Pass down everything if called from ap_filter_output_pending() */ + if (APR_BRIGADE_EMPTY(bb)) { + if (!ctx || !ctx->bytes) { + return APR_SUCCESS; + } + + e = apr_bucket_transient_create(ctx->buffer, ctx->bytes, + bb->bucket_alloc); + APR_BRIGADE_INSERT_TAIL(bb, e); + ctx->bytes = 0; /* buffer now emptied. */ + + return ap_pass_brigade(f->next, bb); + } + /* The brigade consists of zero-or-more small data buckets which * can be coalesced (referred to as the "prefix"), followed by the * remainder of the brigade.