From 8a0ce65f9aa5003021416298e14965b85b37bc4a Mon Sep 17 00:00:00 2001
From: Bradley Nicholes <bnicholes@apache.org>
Date: Thu, 14 Oct 2004 17:10:30 +0000
Subject: [PATCH] Track the status of an upgradeable socket so that the
 http_method and default_port hooks will report the correct information.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105458 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/arch/netware/mod_nw_ssl.c | 30 ++++++++++++++++++++++++++----
 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/modules/arch/netware/mod_nw_ssl.c b/modules/arch/netware/mod_nw_ssl.c
index 306c0be807..060b17b992 100644
--- a/modules/arch/netware/mod_nw_ssl.c
+++ b/modules/arch/netware/mod_nw_ssl.c
@@ -89,6 +89,7 @@ module AP_MODULE_DECLARE_DATA nwssl_module;
 typedef struct NWSSLSrvConfigRec NWSSLSrvConfigRec;
 typedef struct seclisten_rec seclisten_rec;
 typedef struct seclistenup_rec seclistenup_rec;
+typedef struct secsocket_data secsocket_data;
 
 struct seclisten_rec {
     seclisten_rec *next;
@@ -114,6 +115,11 @@ struct NWSSLSrvConfigRec {
 	apr_pool_t *pPool;
 };
 
+struct secsocket_data {
+    apr_socket_t* csd;
+    int is_secure;
+};
+
 static apr_array_header_t *certlist = NULL;
 static unicode_t** certarray = NULL;
 static int numcerts = 0;
@@ -593,7 +599,11 @@ static int nwssl_pre_connection(conn_rec *c, void *csd)
         convert_secure_socket(c, (apr_socket_t*)csd);
     }
     else {
-        ap_set_module_config(c->conn_config, &nwssl_module, csd);
+        secsocket_data *csd_data = apr_palloc(c->pool, sizeof(secsocket_data));
+
+        csd_data->csd = (apr_socket_t*)csd;
+        csd_data->is_secure = 0;
+        ap_set_module_config(c->conn_config, &nwssl_module, (void*)csd_data);
     }
     
     return OK;
@@ -730,11 +740,18 @@ static int isSecureUpgradeable (const request_rec *r)
 	return isSecureConnUpgradeable (r->server, r->connection);
 }
 
+static int isSecureUpgraded (const request_rec *r)
+{
+    secsocket_data *csd_data = (secsocket_data*)ap_get_module_config(r->connection->conn_config, &nwssl_module);
+
+	return csd_data->is_secure;
+}
+
 static int nwssl_hook_Fixup(request_rec *r)
 {
     int i;
 
-    if (!isSecure(r))
+    if (!isSecure(r) && !isSecureUpgraded(r))
         return DECLINED;
 
     apr_table_set(r->subprocess_env, "HTTPS", "on");
@@ -744,7 +761,7 @@ static int nwssl_hook_Fixup(request_rec *r)
 
 static const char *nwssl_hook_http_method (const request_rec *r)
 {
-    if (isSecure(r))
+    if (isSecure(r) && !isSecureUpgraded(r))
         return "https";
 
     return NULL;
@@ -984,6 +1001,7 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
     char *token_string;
     char *token;
     char *token_state;
+    secsocket_data *csd_data;
 
     /* Just remove the filter, if it doesn't work the first time, it won't
      * work at all for this request.
@@ -1022,7 +1040,8 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
     apr_table_unset(r->headers_out, "Upgrade");
 
     if (r) {
-        csd = (apr_socket_t*)ap_get_module_config(r->connection->conn_config, &nwssl_module);
+        csd_data = (secsocket_data*)ap_get_module_config(r->connection->conn_config, &nwssl_module);
+        csd = csd_data->csd;
     }
     else {
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
@@ -1059,6 +1078,9 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
 
 
         ret = SSLize_Socket(sockdes, key, r);
+        if (!ret) {
+            csd_data->is_secure = 1;
+        }
     }
     else {
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
-- 
2.40.0