From: Doug MacEachern Date: Fri, 18 Jan 2002 00:13:25 +0000 (+0000) Subject: fix for SSLv2 requests X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=96fc175c7d599894078f3c210aa5aabac8d6e45e;p=thirdparty%2Fapache%2Fhttpd.git fix for SSLv2 requests git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92897 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/ssl_engine_io.c b/ssl_engine_io.c index 0b8a762eb79..2ca45e47f01 100644 --- a/ssl_engine_io.c +++ b/ssl_engine_io.c @@ -292,6 +292,8 @@ typedef struct { } char_buffer_t; typedef struct { + SSL *ssl; + BIO *wbio; ap_filter_t *f; apr_status_t rc; ap_input_mode_t mode; @@ -354,8 +356,16 @@ static int bio_bucket_in_read(BIO *bio, char *in, int inl) int len = 0; apr_off_t readbytes = inl; - inbio->rc = APR_SUCCESS; + /* XXX: flush here only required for SSLv2; + * OpenSSL calls BIO_flush() at the appropriate times for + * the other protocols. + */ + if (SSL_version(inbio->ssl) == SSL2_VERSION) { + BIO_bucket_flush(inbio->wbio); + } + inbio->rc = APR_SUCCESS; + /* first use data already read from socket if any */ if ((len = char_buffer_read(&inbio->cbuf, in, inl))) { if ((len <= inl) || inbio->getline) { @@ -789,6 +799,8 @@ static void ssl_io_input_add_filter(SSLFilterRec *frec, conn_rec *c, frec->pbioRead->ptr = &ctx->inbio; ctx->frec = frec; + ctx->inbio.ssl = ssl; + ctx->inbio.wbio = frec->pbioWrite; ctx->inbio.f = frec->pInputFilter; ctx->inbio.bb = apr_brigade_create(c->pool); ctx->inbio.bucket = NULL; @@ -825,14 +837,14 @@ void ssl_io_filter_init(conn_rec *c, SSL *ssl) filter = apr_palloc(c->pool, sizeof(SSLFilterRec)); - ssl_io_input_add_filter(filter, c, ssl); - filter->pOutputFilter = ap_add_output_filter(ssl_io_filter, filter, NULL, c); filter->pbioWrite = BIO_new(BIO_s_bucket()); filter->pbioWrite->ptr = BIO_bucket_new(filter, c); + ssl_io_input_add_filter(filter, c, ssl); + SSL_set_bio(ssl, filter->pbioRead, filter->pbioWrite); filter->pssl = ssl;