* Correctly merge SSLRenegBufferSize directive.

author Ruediger Pluem <rpluem@apache.org>

Sun, 11 Jan 2009 12:58:08 +0000 (12:58 +0000)

committer Ruediger Pluem <rpluem@apache.org>

Sun, 11 Jan 2009 12:58:08 +0000 (12:58 +0000)
author Ruediger Pluem <rpluem@apache.org>
Sun, 11 Jan 2009 12:58:08 +0000 (12:58 +0000)
committer Ruediger Pluem <rpluem@apache.org>
Sun, 11 Jan 2009 12:58:08 +0000 (12:58 +0000)
diff --git a/CHANGES b/CHANGES

index f910540d38d9d840a3ed3d4d1788f2410ccdad04..09c23071ebdfa46881764c4d62612fa34b773205 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,13 +2,16 @@
  Changes with Apache 2.3.2
  [ When backported to 2.2.x, remove entry from this file ]
  
+ *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
+    [<tlhackque yahoo.com>]
+
   *) core: Translate the the status line to ASCII on EBCDIC platforms in
      ap_send_interim_response() and for locally generated "100 Continue"
      responses.  [Eric Covener]
  
   *) mod_authnz_ldap: Reduce number of initialization debug messages and make
      information more clear. PR 46342 [Dan Poirier]
- 
+
   *) prefork: Fix child process hang during graceful restart/stop in
      configurations with multiple listening sockets.  PR 42829.  [Joe Orton,
      Jeff Trawick]
diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c

index 624e29befca538fe0c2d00282639929ee8b85d7d..6e4a1f26e1fcd2fb5947069b81687e6baa79813d 100644 (file)
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -295,7 +295,7 @@ void *ssl_config_perdir_create(apr_pool_t *p, char *dir)
      dc->szCACertificateFile    = NULL;
      dc->szUserName             = NULL;
  
-    dc->nRenegBufferSize = DEFAULT_RENEG_BUFFER_SIZE;
+    dc->nRenegBufferSize = UNSET;
  
      return dc;
  }
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c

index 052051f723d4ea0eba9dda0f48a24a1e610c421a..229fc27d3ff71e001685e196a64256d9c1f1a546 100644 (file)
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -600,10 +600,13 @@ int ssl_hook_Access(request_rec *r)
                  && strcmp(apr_table_get(r->headers_in, "content-length"), "0")))
          && !r->expecting_100) {
          int rv;
+        apr_size_t rsize;
  
-        if (dc->nRenegBufferSize > 0) {
+        rsize = dc->nRenegBufferSize == UNSET ? DEFAULT_RENEG_BUFFER_SIZE :
+                                                dc->nRenegBufferSize;
+        if (rsize > 0) {
              /* Fill the I/O buffer with the request body if possible. */
-            rv = ssl_io_buffer_fill(r, dc->nRenegBufferSize);
+            rv = ssl_io_buffer_fill(r, rsize);
          }
          else {
              /* If the reneg buffer size is set to zero, just fail. */
author	Ruediger Pluem <rpluem@apache.org>
	Sun, 11 Jan 2009 12:58:08 +0000 (12:58 +0000)
committer	Ruediger Pluem <rpluem@apache.org>
	Sun, 11 Jan 2009 12:58:08 +0000 (12:58 +0000)
CHANGES		patch \| blob \| history
modules/ssl/ssl_engine_config.c		patch \| blob \| history
modules/ssl/ssl_engine_kernel.c		patch \| blob \| history