From: Ruediger Pluem <rpluem@apache.org>
Date: Tue, 21 Dec 2010 11:43:42 +0000 (+0000)
Subject: * Do not drop contents of incomplete lines, but safe them for the next
X-Git-Tag: 2.3.11~357
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=98a2ee3314e380a162ecd7cff0c584c441be99b7;p=apache

* Do not drop contents of incomplete lines, but safe them for the next
  round of reading.

PR: 50481


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1051468 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 3df0c31da2..344cb8a173 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 
 Changes with Apache 2.3.11
 
+  *) mod_ssl: Correctly read full lines in input filter when the line is
+     incomplete during first read. PR 50481. [Ruediger Pluem]
+
   *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
      sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
      fails for an authenticated user. PR 40721. [Stefan Fritsch]
diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index da64c05953..4ccb3ced1a 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -756,6 +756,10 @@ static apr_status_t ssl_io_input_getline(bio_filter_in_ctx_t *inctx,
         status = ssl_io_input_read(inctx, buf + offset, &tmplen);
 
         if (status != APR_SUCCESS) {
+            if (APR_STATUS_IS_EAGAIN(status) && (*len > 0)) {
+                /* Safe the part of the line we already got */
+                char_buffer_write(&inctx->cbuf, buf, *len);
+            }
             return status;
         }
 
@@ -782,6 +786,10 @@ static apr_status_t ssl_io_input_getline(bio_filter_in_ctx_t *inctx,
 
         *len = bytes;
     }
+    else {
+        /* Safe the part of the line we already got */
+        char_buffer_write(&inctx->cbuf, buf, *len);
+    }
 
     return APR_SUCCESS;
 }