From ae174ccc303fc4b185015194681cb378a623755e Mon Sep 17 00:00:00 2001
From: Yann Ylavic <ylavic@apache.org>
Date: Tue, 5 Jan 2016 16:52:29 +0000
Subject: [PATCH] mod_ssl: Avoid one TLS record (application data)
 fragmentation by including the last suitable bucket when coalescing.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1723122 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES                     | 3 +++
 modules/ssl/ssl_engine_io.c | 8 ++++----
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/CHANGES b/CHANGES
index f81104bb4a..40f88076fe 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_ssl: Avoid one TLS record (application data) fragmentation by
+     including the last suitable bucket when coalescing.  [Yann Ylavic]
+
   *) mod_http2: reworked synching of session shutdown with worker threads. h2 
      workers now stick to a session until no more reuqquest are tbd, keepalive 
      handling revisited, users report problems with connection close without
diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index aaa5dce14b..dc998462b0 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -1532,7 +1532,7 @@ struct coalesce_ctx {
 static apr_status_t ssl_io_filter_coalesce(ap_filter_t *f,
                                            apr_bucket_brigade *bb)
 {
-    apr_bucket *e, *last = NULL;
+    apr_bucket *e, *endb;
     apr_size_t bytes = 0;
     struct coalesce_ctx *ctx = f->ctx;
     unsigned count = 0;
@@ -1559,10 +1559,10 @@ static apr_status_t ssl_io_filter_coalesce(ap_filter_t *f,
              && (ctx == NULL
                  || bytes + ctx->bytes + e->length < COALESCE_BYTES);
          e = APR_BUCKET_NEXT(e)) {
-        last = e;
         if (e->length) count++; /* don't count zero-length buckets */
         bytes += e->length;
     }
+    endb = e;
 
     /* Coalesce the prefix, if:
      * a) more than one bucket is found to coalesce, or
@@ -1571,7 +1571,7 @@ static apr_status_t ssl_io_filter_coalesce(ap_filter_t *f,
      */
     if (bytes > 0
         && (count > 1
-            || (count == 1 && APR_BUCKET_NEXT(last) == APR_BRIGADE_SENTINEL(bb)))) {
+            || (count == 1 && endb == APR_BRIGADE_SENTINEL(bb)))) {
         /* If coalescing some bytes, ensure a context has been
          * created. */
         if (!ctx) {
@@ -1588,7 +1588,7 @@ static apr_status_t ssl_io_filter_coalesce(ap_filter_t *f,
          * normal path of sending the buffer + remaining buckets in
          * brigade.  */
         e = APR_BRIGADE_FIRST(bb);
-        while (e != last) {
+        while (e != endb) {
             apr_size_t len;
             const char *data;
             apr_bucket *next;
-- 
2.40.0