PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_ssl: Fix missing TLS Upgrade/Connection headers on OPTIONS * requests
- (Note that this is simply a necessary band-aid, and still won't allow h2c
- to peacefully coexist with tls/n.n upgrades, because Upgrade phase needs
- to come earlier, not as a handler, and the bogus connection-close behavior
- must be removed before the Protocol API can handle TLS upgrade.)
- PR58688
- trunk patch: http://svn.apache.org/r1717816
- +1: wrowe, icing, ylavic
-
*) mod_ssl: handle APR_TIMEUP on empty input by keeping connection state valid
for later retries.
trunk patch: http://svn.apache.org/r1725940
sslconn = myConnConfig(r->connection->master);
}
+ /* If "SSLEngine optional" is configured, this is not an SSL
+ * connection, and this isn't a subrequest, send an Upgrade
+ * response header. Note this must happen before map_to_storage
+ * and OPTIONS * request processing is completed.
+ */
+ if (sc->enabled == SSL_ENABLED_OPTIONAL && !(sslconn && sslconn->ssl)
+ && !r->main) {
+ apr_table_setn(r->headers_out, "Upgrade", "TLS/1.0, HTTP/1.1");
+ apr_table_mergen(r->headers_out, "Connection", "upgrade");
+ }
+
if (!sslconn) {
return DECLINED;
}
SSL *ssl;
int i;
- /* If "SSLEngine optional" is configured, this is not an SSL
- * connection, and this isn't a subrequest, send an Upgrade
- * response header. */
- if (sc->enabled == SSL_ENABLED_OPTIONAL && !(sslconn && sslconn->ssl)
- && !r->main) {
- apr_table_setn(r->headers_out, "Upgrade", "TLS/1.0, HTTP/1.1");
- apr_table_mergen(r->headers_out, "Connection", "upgrade");
- }
-
if (!(sslconn && sslconn->ssl) && r->connection->master) {
sslconn = myConnConfig(r->connection->master);
}
projects / thirdparty / apache / httpd.git / commitdiff
