From: Joe Orton Date: Mon, 17 Aug 2020 12:32:19 +0000 (+0000) Subject: * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Move X-Git-Tag: 2.5.0-alpha2-ci-test-only~1234 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=28602f2509299cd104cbe64511b0cee4e58b358a;p=thirdparty%2Fapache%2Fhttpd.git * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Move fill_reneg_buffer() call down after r->connection->master check. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1880927 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index d2a8011294e..0b22c2de288 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1145,16 +1145,6 @@ static int ssl_hook_Access_modern(request_rec *r, SSLSrvConfigRec *sc, SSLDirCon } /* Fill reneg buffer if required. */ - if (change_vmode) { - rc = fill_reneg_buffer(r, dc); - if (rc) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10228) - "could not buffer message body to allow " - "TLS Post-Handshake Authentication to proceed"); - return rc; - } - } - if (change_vmode) { char peekbuf[1]; @@ -1167,6 +1157,14 @@ static int ssl_hook_Access_modern(request_rec *r, SSLSrvConfigRec *sc, SSLDirCon return HTTP_FORBIDDEN; } + rc = fill_reneg_buffer(r, dc); + if (rc) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10228) + "could not buffer message body to allow " + "TLS Post-Handshake Authentication to proceed"); + return rc; + } + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(10129) "verify client post handshake");