Merge r1601291, r1601630 from trunk:

mod_proxy: Shutdown (eg. SSL close notify) the backend connection
before closing.

mod_proxy: follow up to r1601291.

Since deferred_write_pool is needed by the core_output_filter and is a subpool
of the connection, shutdown in a pre_cleanup of the connection's pool to avoid
a freed memory access (SEGV).

Reported By: takashi

Submitted by: ylavic
Reviewed/backported by: jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1651080 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 0af2637707f0f18d4c336fd923723b3cbad0e858..324a86604ea13383ca291f33dc12ea15f562a476 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -246,6 +246,9 @@ Changes with Apache 2.4.10
   *) mod_ssl: Ensure that the SSL close notify alert is flushed to the client.
      PR54998. [Tim Kosse <tim.kosse filezilla-project.org>, Yann Ylavic] 
 
+  *) mod_proxy: Shutdown (eg. SSL close notify) the backend connection before
+     closing. [Yann Ylavic] 
+
   *) mod_auth_form: Add a debug message when the fields on a form are not
      recognised. [Graham Leggett]
 

diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index 1d3b8c0aa4cfeee87a49773d8914d44da56f9b07..d89f44be0878fe96dd804a6d7ed158c783dc6f77 100644 (file)
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -2836,6 +2836,33 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
     return connected ? OK : DECLINED;
 }
 
+static apr_status_t connection_shutdown(void *theconn)
+{
+    proxy_conn_rec *conn = (proxy_conn_rec *)theconn;
+    conn_rec *c = conn->connection;
+    if (c) {
+        if (!c->aborted) {
+            apr_interval_time_t saved_timeout = 0;
+            apr_socket_timeout_get(conn->sock, &saved_timeout);
+            if (saved_timeout) {
+                apr_socket_timeout_set(conn->sock, 0);
+            }
+
+            (void)ap_shutdown_conn(c, 0);
+            c->aborted = 1;
+
+            if (saved_timeout) {
+                apr_socket_timeout_set(conn->sock, saved_timeout);
+            }
+        }
+
+        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02642)
+                      "proxy: connection shutdown");
+    }
+    return APR_SUCCESS;
+}
+
+
 PROXY_DECLARE(int) ap_proxy_connection_create(const char *proxy_function,
                                               proxy_conn_rec *conn,
                                               conn_rec *c,
@@ -2908,6 +2935,11 @@ PROXY_DECLARE(int) ap_proxy_connection_create(const char *proxy_function,
     }
     apr_socket_timeout_set(conn->sock, current_timeout);
 
+    /* Shutdown the connection before closing it (eg. SSL connections
+     * need to be close-notify-ed).
+     */
+    apr_pool_pre_cleanup_register(conn->scpool, conn, connection_shutdown);
+
     return OK;
 }