From: Joe Orton <jorton@apache.org>
Date: Mon, 1 Mar 2010 21:27:17 +0000 (+0000)
Subject: * modules/ssl/ssl_engine_io.c: Restore code removed by
X-Git-Tag: 2.2.15~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=af435fc1fbeaa2865b46c1e18c82aa8623492a16;p=thirdparty%2Fapache%2Fhttpd.git

* modules/ssl/ssl_engine_io.c: Restore code removed by
mistake in mis-merged r917343.

Reviewed by: jorton, trawick, wrowe


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@917726 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index 2ddaa920811..d26a0c2b9c4 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -472,6 +472,12 @@ static int bio_filter_in_read(BIO *bio, char *in, int inlen)
     if (!in)
         return 0;
 
+    /* Abort early if the client has initiated a renegotiation. */
+    if (inctx->filter_ctx->config->reneg_state == RENEG_ABORT) {
+        inctx->rc = APR_ECONNABORTED;
+        return -1;
+    }
+
     /* In theory, OpenSSL should flush as necessary, but it is known
      * not to do so correctly in some cases; see PR 46952.
      *