merge r161958 from trunk:

author Colm MacCarthaigh <colm@apache.org>

Tue, 24 Jan 2006 22:43:38 +0000 (22:43 +0000)

committer Colm MacCarthaigh <colm@apache.org>

Tue, 24 Jan 2006 22:43:38 +0000 (22:43 +0000)
author Colm MacCarthaigh <colm@apache.org>
Tue, 24 Jan 2006 22:43:38 +0000 (22:43 +0000)
committer Colm MacCarthaigh <colm@apache.org>
Tue, 24 Jan 2006 22:43:38 +0000 (22:43 +0000)
diff --git a/CHANGES b/CHANGES

index 31bd75a089f581c249cdaf32fa235cc2c9a9f6e4..c77bec26b4b39d3d50f37efc43a8d1f7c7fc966b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                           -*- coding: utf-8 -*-
  Changes with Apache 2.0.56
  
+  *) mod_ssl: Correct issue where mod_ssl does not pick up the 
+     ssl-unclean-shutdown setting when configured. PR 34452. [Joe Orton]
+
    *) Document the ReceiveBufferSize change done in r157583 [Murray
       Nesbitt <murray@cpan.org>]
  
diff --git a/STATUS b/STATUS

index e5be681881225cacd546c6e87c5d9e66d94ef2aa..44f7cbd9750b69258581909ed430cc499872777a 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -133,15 +133,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
           http://svn.apache.org/viewcvs?view=rev&rev=154319
         +1: stoddard, striker, wrowe (as corrected in subsequent patches)
  
-    *) mod_ssl: Fix issues picking up ssl-unclean-shutdown setting
-       for e.g. a reverse proxy config, breaking interop with MSIE
-       in some cases.
-       http://svn.apache.org/viewcvs?view=rev&rev=161958
-       rediffed for 2.0.x as:
-       http://issues.apache.org/bugzilla/attachment.cgi?id=14804
-       PR: 34452
-       +1: jorton, trawick, jim
-
      *) Block mod_cgid usage on Solaris 10 due to OS bugs.  PR 34264.
         http://svn.apache.org/viewcvs?view=rev&rev=264866
         +1: jerenkrantz, colm, jim
diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c

index 567067b10209c5685de216239520fdc0c4791ea5..4415f9cefe78abe7e410c822a83d39a9ba9fe09a 100644 (file)
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -391,6 +391,10 @@ static apr_port_t ssl_hook_default_port(const request_rec *r)
  
  static void ssl_register_hooks(apr_pool_t *p)
  {
+    /* ssl_hook_ReadReq needs to use the BrowserMatch settings so must
+     * run after mod_setenvif's post_read_request hook. */ 
+    static const char *pre_prr[] = { "mod_setenvif.c", NULL };
+
      ssl_io_filter_register(p);
  
      ap_hook_pre_connection(ssl_hook_pre_connection,NULL,NULL, APR_HOOK_MIDDLE);
@@ -399,12 +403,11 @@ static void ssl_register_hooks(apr_pool_t *p)
      ap_hook_default_port  (ssl_hook_default_port,  NULL,NULL, APR_HOOK_MIDDLE);
      ap_hook_pre_config    (ssl_hook_pre_config,    NULL,NULL, APR_HOOK_MIDDLE);
      ap_hook_child_init    (ssl_init_Child,         NULL,NULL, APR_HOOK_MIDDLE);
-    ap_hook_translate_name(ssl_hook_Translate,     NULL,NULL, APR_HOOK_MIDDLE);
      ap_hook_check_user_id (ssl_hook_UserCheck,     NULL,NULL, APR_HOOK_FIRST);
      ap_hook_fixups        (ssl_hook_Fixup,         NULL,NULL, APR_HOOK_MIDDLE);
      ap_hook_access_checker(ssl_hook_Access,        NULL,NULL, APR_HOOK_MIDDLE);
      ap_hook_auth_checker  (ssl_hook_Auth,          NULL,NULL, APR_HOOK_MIDDLE);
-    ap_hook_post_read_request(ssl_hook_ReadReq,    NULL,NULL, APR_HOOK_MIDDLE);
+    ap_hook_post_read_request(ssl_hook_ReadReq, pre_prr,NULL, APR_HOOK_MIDDLE);
  
      ssl_var_register();
  
diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h

index 0db1e28bf89dcafe1e5299896a7f55dcdd260bd4..2d97884d44be4fc32ac97f99605b3db258dbd20f 100644 (file)
--- a/modules/ssl/mod_ssl.h
+++ b/modules/ssl/mod_ssl.h
@@ -570,7 +570,6 @@ void         ssl_init_Child(apr_pool_t *, server_rec *);
  apr_status_t ssl_init_ModuleKill(void *data);
  
  /*  Apache API hooks  */
-int          ssl_hook_Translate(request_rec *);
  int          ssl_hook_Auth(request_rec *);
  int          ssl_hook_UserCheck(request_rec *);
  int          ssl_hook_Access(request_rec *);
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c

index 5086e916307ead8912f82f01fec75fdea405525e..4f04d464fec25f952b34726fedb9ae4b9a8c76da 100644 (file)
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -30,6 +30,8 @@
                                              -- Unknown                */
  #include "mod_ssl.h"
  
+static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
+
  /*
   *  Post Read Request Handler
   */
@@ -81,8 +83,31 @@ int ssl_hook_ReadReq(request_rec *r)
       * Get the SSL connection structure and perform the
       * delayed interlinking from SSL back to request_rec
       */
-    if ((ssl = sslconn->ssl)) {
-        SSL_set_app_data2(ssl, r);
+    ssl = sslconn->ssl;
+    if (!ssl) {
+        return DECLINED;
+    }
+    SSL_set_app_data2(ssl, r);
+
+    /*
+     * Log information about incoming HTTPS requests
+     */
+    if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
+        ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
+                     "%s HTTPS request received for child %ld (server %s)",
+                     (r->connection->keepalives <= 0 ?
+                     "Initial (No.1)" :
+                     apr_psprintf(r->pool, "Subsequent (No.%d)",
+                                  r->connection->keepalives+1)),
+                     r->connection->id,
+                     ssl_util_vhostid(r->pool, r->server));
+    }
+
+    /* SetEnvIf ssl-*-shutdown flags can only be per-server,
+     * so they won't change across keepalive requests
+     */
+    if (sslconn->shutdown_type == SSL_SHUTDOWN_TYPE_UNSET) {
+        ssl_configure_env(r, sslconn);
      }
  
      return DECLINED;
@@ -125,41 +150,6 @@ static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn)
      }
  }
  
-/*
- *  URL Translation Handler
- */
-int ssl_hook_Translate(request_rec *r)
-{
-    SSLConnRec *sslconn = myConnConfig(r->connection);
-
-    if (!(sslconn && sslconn->ssl)) {
-        return DECLINED;
-    }
-
-    /*
-     * Log information about incoming HTTPS requests
-     */
-    if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
-        ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
-                     "%s HTTPS request received for child %ld (server %s)",
-                     (r->connection->keepalives <= 0 ?
-                     "Initial (No.1)" :
-                     apr_psprintf(r->pool, "Subsequent (No.%d)",
-                                  r->connection->keepalives+1)),
-                     r->connection->id,
-                     ssl_util_vhostid(r->pool, r->server));
-    }
-
-    /* SetEnvIf ssl-*-shutdown flags can only be per-server,
-     * so they won't change across keepalive requests
-     */
-    if (sslconn->shutdown_type == SSL_SHUTDOWN_TYPE_UNSET) {
-        ssl_configure_env(r, sslconn);
-    }
-
-    return DECLINED;
-}
-
  /*
   *  Access Handler
   */
author	Colm MacCarthaigh <colm@apache.org>
	Tue, 24 Jan 2006 22:43:38 +0000 (22:43 +0000)
committer	Colm MacCarthaigh <colm@apache.org>
	Tue, 24 Jan 2006 22:43:38 +0000 (22:43 +0000)
CHANGES		patch \| blob \| blame \| history
STATUS		patch \| blob \| blame \| history
modules/ssl/mod_ssl.c		patch \| blob \| blame \| history
modules/ssl/mod_ssl.h		patch \| blob \| blame \| history
modules/ssl/ssl_engine_kernel.c		patch \| blob \| blame \| history