core: Follow up to r1664205 (previously backported)

Don't let invalid r->proto_num/protocol out of read_request_line() reach
the output filters (when responding with 400 Bad Request).
Suggested by: rpluem
Backports: r1664576

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768971 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/server/protocol.c b/server/protocol.c
index d11bbcdccc85482c9b487f0235f0a08aade8cf53..9d1cbc5712519dbbff22c51d8eff8a4b48a7a896 100644 (file)
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -684,6 +684,9 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02418)
                           "Invalid protocol '%s'", r->protocol);
             if (enforce_strict) {
+                r->proto_num = HTTP_VERSION(1,0);
+                r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
+                r->connection->keepalive = AP_CONN_CLOSE;
                 r->status = HTTP_BAD_REQUEST;
                 return 0;
             }