mod_proxy: allow SSLProxyCheckPeer* usage for all proxy modules.
PR 61857.
Proposed by: Markus Gausling <markusgausling googlemail.com>
Reviewed by: ylavic, rjung, rpluem
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1859844 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.4.40
+ *) mod_proxy: allow SSLProxyCheckPeer* usage for all proxy modules.
+ PR 61857. [Markus Gausling <markusgausling googlemail.com>, Yann Ylavic]
+
*) mod_reqtimeout: Fix default rates missing (not applied) in 2.4.39.
PR 63325. [Yann Ylavic]
*/
apr_table_setn(ctx->p_conn->connection->notes,
"proxy-request-alpn-protos", "h2");
- if (ctx->p_conn->ssl_hostname) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctx->owner,
- "set SNI to %s for (%s)",
- ctx->p_conn->ssl_hostname,
- ctx->p_conn->hostname);
- apr_table_setn(ctx->p_conn->connection->notes,
- "proxy-request-hostname", ctx->p_conn->ssl_hostname);
- }
}
}
if ((status = ap_proxy_connection_create_ex(proxy_function,
backend, r)) != OK)
break;
- /*
- * On SSL connections set a note on the connection what CN is
- * requested, such that mod_ssl can check if it is requested to do
- * so.
- */
- if (backend->ssl_hostname) {
- apr_table_setn(backend->connection->notes,
- "proxy-request-hostname",
- backend->ssl_hostname);
- }
}
/* Step Four: Send the Request
backend_addr, conn->hostname);
return HTTP_INTERNAL_SERVER_ERROR;
}
+ if (conn->ssl_hostname) {
+ /* Set a note on the connection about what CN is requested,
+ * such that mod_ssl can check if it is requested to do so.
+ */
+ apr_table_setn(conn->connection->notes, "proxy-request-hostname",
+ conn->ssl_hostname);
+ }
}
else {
/* TODO: See if this will break FTP */