From: Christophe Jaillet <jailletc36@apache.org>
Date: Tue, 21 Apr 2020 09:02:20 +0000 (+0000)
Subject: Fix the way we are looking for "TLS/1.0" tokens.
X-Git-Tag: 2.5.0-alpha2-ci-test-only~1503
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=adab20c8393d963be65af90ef4e6a97114b00366;p=thirdparty%2Fapache%2Fhttpd.git

Fix the way we are looking for "TLS/1.0" tokens.
ap_find_token() is more robust than expecting the token to be the first one in the 'Upgrade' header field.

(see modules/ssl/ssl_engine_kernel.c#284)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1876779 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/arch/netware/mod_nw_ssl.c b/modules/arch/netware/mod_nw_ssl.c
index 298554a6e5f..ae0ef023088 100644
--- a/modules/arch/netware/mod_nw_ssl.c
+++ b/modules/arch/netware/mod_nw_ssl.c
@@ -1178,7 +1178,7 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
 
     upgrade = apr_table_get(r->headers_in, "Upgrade");
     if (upgrade == NULL
-        || strcmp(ap_getword(r->pool, &upgrade, ','), "TLS/1.0")) {
+        || ap_find_token(r->pool, upgrade, "TLS/1.0")) {
             /* "Upgrade: TLS/1.0, ..." header not found, don't do Upgrade */
         return ap_pass_brigade(f->next, bb);
     }