From: Giovanni Bechis Date: Thu, 30 Mar 2023 17:09:09 +0000 (+0000) Subject: check for more possible SSL failures X-Git-Tag: 2.5.0-alpha2-ci-test-only~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f766a83553ba39cd1d4ad552b735fb482defd0ff;p=thirdparty%2Fapache%2Fhttpd.git check for more possible SSL failures bz #66225 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908805 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 8a11cf4962b..27c1d2383ab 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -997,10 +997,7 @@ static int ssl_hook_Access_classic(request_rec *r, SSLSrvConfigRec *sc, SSLDirCo * handshake to proceed. */ modssl_set_reneg_state(sslconn, RENEG_ALLOW); - SSL_renegotiate(ssl); - SSL_do_handshake(ssl); - - if (!SSL_is_init_finished(ssl)) { + if(!SSL_renegotiate(ssl) || !SSL_do_handshake(ssl) || !SSL_is_init_finished(ssl)) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02225) "Re-negotiation request failed"); ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);