From f766a83553ba39cd1d4ad552b735fb482defd0ff Mon Sep 17 00:00:00 2001
From: Giovanni Bechis <gbechis@apache.org>
Date: Thu, 30 Mar 2023 17:09:09 +0000
Subject: [PATCH] check for more possible SSL failures bz #66225

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908805 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/ssl/ssl_engine_kernel.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 8a11cf4962..27c1d2383a 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -997,10 +997,7 @@ static int ssl_hook_Access_classic(request_rec *r, SSLSrvConfigRec *sc, SSLDirCo
              * handshake to proceed. */
             modssl_set_reneg_state(sslconn, RENEG_ALLOW);
 
-            SSL_renegotiate(ssl);
-            SSL_do_handshake(ssl);
-
-            if (!SSL_is_init_finished(ssl)) {
+            if(!SSL_renegotiate(ssl) || !SSL_do_handshake(ssl) || !SSL_is_init_finished(ssl)) {
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02225)
                               "Re-negotiation request failed");
                 ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);