From: Ruediger Pluem <rpluem@apache.org>
Date: Fri, 31 Mar 2006 21:27:18 +0000 (+0000)
Subject: Merge r370172, r371132 from trunk:
X-Git-Tag: 2.2.1~36
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b5a7e38b911b6a55992ecb1780bac510d9e0ce30;p=thirdparty%2Fapache%2Fhttpd.git

Merge r370172, r371132 from trunk:

* Insert the HTTP_IN filter uncondionally before we call
  ap_send_error_response or ap_die. This ensures that
  ap_discard_request_body called by ap_die and by ap_send_error_response works
  correctly on status codes that do not cause the connection to be dropped and
  in situations where the connection should be kept alive.

PR: 38123
Reviewed by: rpluem, niq, jerenkrantz


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@390503 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index fda98a18bdb..a60a8745abe 100644
--- a/CHANGES
+++ b/CHANGES
@@ -14,6 +14,9 @@ Changes with Apache 2.2.1
      made to ap_escape_html so we escape quotes.  Reported by JPCERT.
      [Mark Cox]
 
+  *) core: Reject invalid Expect header immediately. PR 38123.
+     [Ruediger Pluem]
+
   *) Fix mis-shifted 32 bit scope, masked to 64 bits as a method.
      [Will Rowe, Joe Orton]
 
diff --git a/STATUS b/STATUS
index bcbf9b71402..4a170447584 100644
--- a/STATUS
+++ b/STATUS
@@ -83,15 +83,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
       -0: niq: Please explain why return value of ap_pass_brigade is
                put into a variable and immediately discarded.
 
-    * core: Fix PR38123 (Invalid Expect header not immediately rejected)
-      Trunk version of patch:
-         http://svn.apache.org/viewcvs.cgi?rev=370172&view=rev
-         http://svn.apache.org/viewcvs.cgi?rev=371132&view=rev
-      Backport version for 2.2.x of patch:
-         http://issues.apache.org/bugzilla/attachment.cgi?id=17481
-      +1: rpluem, niq, jerenkrantz
-      NOTE: this also supersedes previous fix to PR#37790
-
     * mod_ldap: Fix a race condition when creating the connection pool mutex
 	and make sure that memory is being allocated from the correct pools
 	when connections are being established. Enforce the GLOBAL_ONLY 
diff --git a/server/protocol.c b/server/protocol.c
index aadb4391d63..39ac3f902aa 100644
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -982,6 +982,16 @@ request_rec *ap_read_request(conn_rec *conn)
                       "(see RFC2616 section 14.23): %s", r->uri);
     }
 
+    /*
+     * Add the HTTP_IN filter here to ensure that ap_discard_request_body
+     * called by ap_die and by ap_send_error_response works correctly on
+     * status codes that do not cause the connection to be dropped and
+     * in situations where the connection should be kept alive.
+     */
+
+    ap_add_input_filter_handle(ap_http_input_filter_handle,
+                               NULL, r, r->connection);
+
     if (r->status != HTTP_OK) {
         ap_send_error_response(r, 0);
         ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
@@ -990,8 +1000,6 @@ request_rec *ap_read_request(conn_rec *conn)
     }
 
     if ((access_status = ap_run_post_read_request(r))) {
-        ap_add_input_filter_handle(ap_http_input_filter_handle,
-                                   NULL, r, r->connection);
         ap_die(access_status, r);
         ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
         ap_run_log_transaction(r);
@@ -1021,9 +1029,6 @@ request_rec *ap_read_request(conn_rec *conn)
         }
     }
 
-    ap_add_input_filter_handle(ap_http_input_filter_handle,
-                               NULL, r, r->connection);
-
     return r;
 }