From: Ruediger Pluem Date: Wed, 29 Dec 2010 09:43:56 +0000 (+0000) Subject: * Fix r1039304 and make the patch similar to the one proposed for X-Git-Tag: 2.3.11~317 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2eb8e09fe707cdcff490b7edd65baa208e845690;p=thirdparty%2Fapache%2Fhttpd.git * Fix r1039304 and make the patch similar to the one proposed for 2.2.x: If the SSL handshake to the backend fails we cannot even sent an HTTP request. So the check needs to happen already when we sent data not when we receive data. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053584 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c index e661f34e451..9aa168697f8 100644 --- a/modules/proxy/mod_proxy_http.c +++ b/modules/proxy/mod_proxy_http.c @@ -271,10 +271,16 @@ static int pass_brigade(apr_bucket_alloc_t *bucket_alloc, ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server, "proxy: pass request body failed to %pI (%s)", conn->addr, conn->hostname); - if (origin->aborted) { + if (origin->aborted) { + if (strcmp(apr_table_get(origin->notes, + "SSL_connect_rv"), "err") == 0) { + return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, + "Error during SSL Handshake with" + " remote server"); + } return APR_STATUS_IS_TIMEUP(status) ? HTTP_GATEWAY_TIME_OUT : HTTP_BAD_GATEWAY; } - else { + else { return HTTP_BAD_REQUEST; } } @@ -1469,12 +1475,6 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r, return ap_proxyerror(r, HTTP_SERVICE_UNAVAILABLE, "Timeout on 100-Continue"); } } - else if (strcmp(apr_table_get(backend->connection->notes, - "SSL_connect_rv"), "err") == 0) { - return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, - "Error during SSL Handshake with" - " remote server"); - } /* * If we are a reverse proxy request shutdown the connection * WITHOUT ANY response to trigger a retry by the client