]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 225d471)
mod_ssl: We no longer throw away handshake errors. Handle APR_EGENERAL
authorGraham Leggett <minfrin@apache.org>
Sun, 23 Jan 2022 21:16:06 +0000 (21:16 +0000)
committerGraham Leggett <minfrin@apache.org>
Sun, 23 Jan 2022 21:16:06 +0000 (21:16 +0000)
which means that mod_ssl has passed an http error down the stack.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1897387 13f79535-47bb-0310-9956-ffa450edef68

docs/log-message-tags/next-number patch | blob | blame | history
modules/ssl/mod_ssl.c patch | blob | blame | history

diff --git a/docs/log-message-tags/next-number b/docs/log-message-tags/next-number
index daf369612ba6429b0a66809712eaaf00e24f4060..e2013a8dec375867072507127f10d8df7ac676c9 100644 (file)
--- a/docs/log-message-tags/next-number
+++ b/docs/log-message-tags/next-number
@@ -1 +1 @@
-10370
+10374
diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
index 1714380df8df960cba2b799cdc319aa1b9353b65..276ee55b7b94869c57a4f0a7ed221a4754d46a71 100644 (file)
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -723,17 +723,37 @@ static int ssl_hook_process_connection(conn_rec* c)
 
             if (rv == APR_SUCCESS) {
                 /* great news, lets continue */
+
+                ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(10370)
+                              "SSL handshake completed, continuing");
+
                 status = DECLINED;
             }
             else if (rv == APR_EAGAIN) {
                 /* we've been asked to come around again, don't block */
-                status = OK;
+
+                ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(10371)
+                              "SSL handshake in progress, continuing");
+
+               status = OK;
+            }
+            else if (rv == APR_EGENERAL) {
+                /* handshake error, but mod_ssl handled it */
+
+                ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(10372)
+                              "SSL handshake failed, returning error response");
+
+               status = DECLINED;
             }
             else {
                 /* we failed, give up */
 
                 cs->state = CONN_STATE_LINGER;
 
+                ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(10373)
+                              "SSL handshake was not completed, "
+                              "closing connection");
+
                 status = OK;
             }
         }
Mirror of https://github.com/apache/httpd.git