From 0f6f55ba570907d7078b45a5a588362f8ac9363a Mon Sep 17 00:00:00 2001 From: Ruediger Pluem Date: Sun, 11 Jan 2009 12:58:08 +0000 Subject: [PATCH] * Correctly merge SSLRenegBufferSize directive. PR: 46508 Submitted by: Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@733465 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 5 ++++- modules/ssl/ssl_engine_config.c | 2 +- modules/ssl/ssl_engine_kernel.c | 7 +++++-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index f910540d38..09c23071eb 100644 --- a/CHANGES +++ b/CHANGES @@ -2,13 +2,16 @@ Changes with Apache 2.3.2 [ When backported to 2.2.x, remove entry from this file ] + *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508 + [] + *) core: Translate the the status line to ASCII on EBCDIC platforms in ap_send_interim_response() and for locally generated "100 Continue" responses. [Eric Covener] *) mod_authnz_ldap: Reduce number of initialization debug messages and make information more clear. PR 46342 [Dan Poirier] - + *) prefork: Fix child process hang during graceful restart/stop in configurations with multiple listening sockets. PR 42829. [Joe Orton, Jeff Trawick] diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c index 624e29befc..6e4a1f26e1 100644 --- a/modules/ssl/ssl_engine_config.c +++ b/modules/ssl/ssl_engine_config.c @@ -295,7 +295,7 @@ void *ssl_config_perdir_create(apr_pool_t *p, char *dir) dc->szCACertificateFile = NULL; dc->szUserName = NULL; - dc->nRenegBufferSize = DEFAULT_RENEG_BUFFER_SIZE; + dc->nRenegBufferSize = UNSET; return dc; } diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 052051f723..229fc27d3f 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -600,10 +600,13 @@ int ssl_hook_Access(request_rec *r) && strcmp(apr_table_get(r->headers_in, "content-length"), "0"))) && !r->expecting_100) { int rv; + apr_size_t rsize; - if (dc->nRenegBufferSize > 0) { + rsize = dc->nRenegBufferSize == UNSET ? DEFAULT_RENEG_BUFFER_SIZE : + dc->nRenegBufferSize; + if (rsize > 0) { /* Fill the I/O buffer with the request body if possible. */ - rv = ssl_io_buffer_fill(r, dc->nRenegBufferSize); + rv = ssl_io_buffer_fill(r, rsize); } else { /* If the reneg buffer size is set to zero, just fail. */ -- 2.50.1