-*- coding: utf-8 -*-
Changes with Apache 2.5.1
+ *) mod_ssl: Fix merging of proxy SSL context outside <Proxy> sections,
+ regression introduced in 2.4.30. PR 62232. [Rainer Jung, Yann Ylavic]
+
*) mod_ssl: proper checks for libressl 2.07/8 and its TLSv1_3 support, see PR 62236.
[Bernard Spil <brnrd@freebsd.org>]
cfgMergeInt(nRenegBufferSize);
mrg->proxy_post_config = add->proxy_post_config;
- if (!add->proxy_post_config) {
+ if (!mrg->proxy_post_config) {
cfgMergeBool(proxy_enabled);
modssl_ctx_init_proxy(mrg, p);
modssl_ctx_cfg_merge_proxy(p, base->proxy, add->proxy, mrg->proxy);
+
+ /* Since ssl_proxy_section_post_config() hook won't be called if there
+ * is no SSLProxy* in this dir config, the ssl_ctx may still be NULL
+ * here at runtime. Merging it is either a no-op (NULL => NULL) because
+ * we are still before post config, or we really want to reuse the one
+ * from the upper/server context (outside of <Proxy> sections).
+ */
+ cfgMerge(proxy->ssl_ctx, NULL);
}
else {
- /* post_config hook has already merged and initialized the
+ /* The post_config hook has already merged and initialized the
* proxy context, use it.
*/
mrg->proxy_enabled = add->proxy_enabled;
projects / apache / commitdiff