From 1bd0dcce6deda2ab4385bbf419457724e97e24d9 Mon Sep 17 00:00:00 2001 From: Graham Leggett Date: Mon, 7 Mar 2016 23:40:17 +0000 Subject: [PATCH] mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake() hook returns an error. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1734006 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ modules/ssl/mod_ssl.c | 4 +--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 6651869392..ab351839f8 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,9 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake() + hook returns an error. [Graham Leggett] + *) ab: Use caseless matching for HTTP tokens (e.g. content-length). PR 59111. [Yann Ylavic] diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c index edc27c4588..cff0d0c420 100644 --- a/modules/ssl/mod_ssl.c +++ b/modules/ssl/mod_ssl.c @@ -492,7 +492,7 @@ int ssl_init_ssl_connection(conn_rec *c, request_rec *r) * attach this to the socket. Additionally we register this attachment * so we can detach later. */ - if (!(ssl = SSL_new(mctx->ssl_ctx))) { + if (!(sslconn->ssl = ssl = SSL_new(mctx->ssl_ctx))) { ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(01962) "Unable to create a new SSL connection from the SSL " "context"); @@ -526,8 +526,6 @@ int ssl_init_ssl_connection(conn_rec *c, request_rec *r) SSL_set_app_data(ssl, c); modssl_set_app_data2(ssl, NULL); /* will be request_rec */ - sslconn->ssl = ssl; - SSL_set_verify_result(ssl, X509_V_OK); ssl_io_filter_init(c, r, ssl); -- 2.40.0