Attachment #26343 for bug #50332

View | Details | Raw Unified | Return to bug 50332
Collapse All | Expand All

Lines 184-189 Link Here

(-)httpd-2.2.x/STATUS (+8 lines)
184	enabling/disabling the basic capability is not split out into mod_unixd 2.2.x.	184	enabling/disabling the basic capability is not split out into mod_unixd 2.2.x.
185	+1: trawick	185	+1: trawick
186		186
		187	* mod_proxy_http: Become aware of ssl handshake failures when attempting
		188	to pass request. Makes it so workers are put in error state when a
		189	handshake failure is encountered.
		190	PR50332
		191	Trunk patch: https://issues.apache.org/bugzilla/attachment.cgi?id=26339
		192	2.2.x patch: https://issues.apache.org/bugzilla/attachment.cgi?id=26338
		193	druggeri: Need doc update?
		194
187	PATCHES/ISSUES THAT ARE STALLED	195	PATCHES/ISSUES THAT ARE STALLED
188		196
189	* core: Support wildcards in both the directory and file components of	197	* core: Support wildcards in both the directory and file components of

Lines 272-277 Link Here

(-)httpd-2.2.x/modules/proxy/mod_proxy_http.c (+6 lines)
272	"proxy: pass request body failed to %pI (%s)",	272	"proxy: pass request body failed to %pI (%s)",
273	conn->addr, conn->hostname);	273	conn->addr, conn->hostname);
274	if (origin->aborted) {	274	if (origin->aborted) {
		275	if(strcmp(apr_table_get(origin->notes, "SSL_connect_rv"), "err") == 0){
		276	conn->worker->s->status \|= PROXY_WORKER_IN_ERROR;
		277	conn->worker->s->error_time = apr_time_now();
		278	return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR,
		279	"Error during SSL Handshake with remote server");
		280	}
275	return APR_STATUS_IS_TIMEUP(status) ? HTTP_GATEWAY_TIME_OUT : HTTP_BAD_GATEWAY;	281	return APR_STATUS_IS_TIMEUP(status) ? HTTP_GATEWAY_TIME_OUT : HTTP_BAD_GATEWAY;
276	}	282	}
277	else {	283	else {




            ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);
            /* ensure that the SSL structures etc are freed, etc: */
            ssl_filter_io_shutdown(filter_ctx, c, 1);
            apr_table_set(c->notes, "SSL_connect_rv", "err");
            return HTTP_BAD_GATEWAY;
        }


                }
                /* ensure that the SSL structures etc are freed, etc: */
                ssl_filter_io_shutdown(filter_ctx, c, 1);
                apr_table_set(c->notes, "SSL_connect_rv", "err");
                return HTTP_BAD_GATEWAY;
            }
            X509_free(cert);

                              hostname, hostname_note);
                /* ensure that the SSL structures etc are freed, etc: */
                ssl_filter_io_shutdown(filter_ctx, c, 1);
                apr_table_set(c->notes, "SSL_connect_rv", "err");
                return HTTP_BAD_GATEWAY;
            }
        }

        apr_table_set(c->notes, "SSL_connect_rv", "ok");
        return APR_SUCCESS;
    }


Return to bug 50332

Lines 1065-1070 Link Here

(-)httpd-2.2.x/modules/ssl/ssl_engine_io.c (+4 lines)
1065	ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);	1065	ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);
1066	/* ensure that the SSL structures etc are freed, etc: */	1066	/* ensure that the SSL structures etc are freed, etc: */
1067	ssl_filter_io_shutdown(filter_ctx, c, 1);	1067	ssl_filter_io_shutdown(filter_ctx, c, 1);
		1068	apr_table_set(c->notes, "SSL_connect_rv", "err");
1068	return HTTP_BAD_GATEWAY;	1069	return HTTP_BAD_GATEWAY;
1069	}	1070	}
1070		1071
Lines 1082-1087 Link Here
1082	}	1083	}
1083	/* ensure that the SSL structures etc are freed, etc: */	1084	/* ensure that the SSL structures etc are freed, etc: */
1084	ssl_filter_io_shutdown(filter_ctx, c, 1);	1085	ssl_filter_io_shutdown(filter_ctx, c, 1);
		1086	apr_table_set(c->notes, "SSL_connect_rv", "err");
1085	return HTTP_BAD_GATEWAY;	1087	return HTTP_BAD_GATEWAY;
1086	}	1088	}
1087	X509_free(cert);	1089	X509_free(cert);
Lines 1101-1110 Link Here
1101	hostname, hostname_note);	1103	hostname, hostname_note);
1102	/* ensure that the SSL structures etc are freed, etc: */	1104	/* ensure that the SSL structures etc are freed, etc: */
1103	ssl_filter_io_shutdown(filter_ctx, c, 1);	1105	ssl_filter_io_shutdown(filter_ctx, c, 1);
		1106	apr_table_set(c->notes, "SSL_connect_rv", "err");
1104	return HTTP_BAD_GATEWAY;	1107	return HTTP_BAD_GATEWAY;
1105	}	1108	}
1106	}	1109	}
1107		1110
		1111	apr_table_set(c->notes, "SSL_connect_rv", "ok");
1108	return APR_SUCCESS;	1112	return APR_SUCCESS;
1109	}	1113	}
1110		1114