From: Graham Leggett Date: Mon, 7 Mar 2016 23:40:17 +0000 (+0000) Subject: mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake() X-Git-Tag: 2.5.0-alpha~1950 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1bd0dcce6deda2ab4385bbf419457724e97e24d9;p=apache mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake() hook returns an error. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1734006 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 6651869392..ab351839f8 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,9 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake() + hook returns an error. [Graham Leggett] + *) ab: Use caseless matching for HTTP tokens (e.g. content-length). PR 59111. [Yann Ylavic] diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c index edc27c4588..cff0d0c420 100644 --- a/modules/ssl/mod_ssl.c +++ b/modules/ssl/mod_ssl.c @@ -492,7 +492,7 @@ int ssl_init_ssl_connection(conn_rec *c, request_rec *r) * attach this to the socket. Additionally we register this attachment * so we can detach later. */ - if (!(ssl = SSL_new(mctx->ssl_ctx))) { + if (!(sslconn->ssl = ssl = SSL_new(mctx->ssl_ctx))) { ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(01962) "Unable to create a new SSL connection from the SSL " "context"); @@ -526,8 +526,6 @@ int ssl_init_ssl_connection(conn_rec *c, request_rec *r) SSL_set_app_data(ssl, c); modssl_set_app_data2(ssl, NULL); /* will be request_rec */ - sslconn->ssl = ssl; - SSL_set_verify_result(ssl, X509_V_OK); ssl_io_filter_init(c, r, ssl);