* Do not drop contents of incomplete lines, but safe them for the next

  round of reading.

PR: 50481

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1051468 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 3df0c31da2492405fbedb4415971ff5ac63a9c5f..344cb8a173dd2a8d4c8320999c1b0925955b74f3 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 
 Changes with Apache 2.3.11
 
+  *) mod_ssl: Correctly read full lines in input filter when the line is
+     incomplete during first read. PR 50481. [Ruediger Pluem]
+
   *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
      sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
      fails for an authenticated user. PR 40721. [Stefan Fritsch]

diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index da64c059538090737c5a9875207d85d75b79440e..4ccb3ced1a6c135ff5fa29f41780a9531a9b0be7 100644 (file)
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -756,6 +756,10 @@ static apr_status_t ssl_io_input_getline(bio_filter_in_ctx_t *inctx,
         status = ssl_io_input_read(inctx, buf + offset, &tmplen);
 
         if (status != APR_SUCCESS) {
+            if (APR_STATUS_IS_EAGAIN(status) && (*len > 0)) {
+                /* Safe the part of the line we already got */
+                char_buffer_write(&inctx->cbuf, buf, *len);
+            }
             return status;
         }
 
@@ -782,6 +786,10 @@ static apr_status_t ssl_io_input_getline(bio_filter_in_ctx_t *inctx,
 
         *len = bytes;
     }
+    else {
+        /* Safe the part of the line we already got */
+        char_buffer_write(&inctx->cbuf, buf, *len);
+    }
 
     return APR_SUCCESS;
 }