Author: covener
Date: Tue Nov 29 13:21:06 2022
New Revision: 1905607
URL: http://svn.apache.org/viewvc?rev=1905607&view=rev
Log:
Merge r1903167 from trunk:
*) mod_ssl: fix for PR66190.
Submitted by: icing
Reviewed by: icing, rpluem, ylavic
Github: closes #326
Modified:
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c
httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Nov 29 13:21:06 2022
@@ -1,6 +1,12 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.55
+ *) mod_ssl: when a proxy connection had handled a request using SSL, an
+ error was logged when "SSLProxyEngine" was only configured in the
+ location/proxy section and not the overall server. The connection
+ continued to work, the error log was in error. Fixed PR66190.
+ [Stefan Eissing]
+
*) mod_http2: Export mod_http2.h as public header. [Stefan Eissing]
*) mod_md: a new directive `MDStoreLocks` can be used on cluster
Modified: httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c Tue Nov 29 13:21:06 2022
@@ -548,6 +548,13 @@ static int ssl_hook_ssl_bind_outgoing(co
int status;
sslconn = ssl_init_connection_ctx(c, per_dir_config, 1);
+ if (sslconn->ssl) {
+ /* we are already bound to this connection. We have rebound
+ * or removed the reference to a previous per_dir_config,
+ * there is nothing more to do. */
+ return OK;
+ }
+
status = ssl_engine_status(c, sslconn);
if (enable_ssl) {
if (status != OK) {
Modified: httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py (original)
+++ httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py Tue Nov 29 13:21:06 2022
@@ -71,7 +71,6 @@ class TestProxyHttp:
assert r.response["status"] == 200
assert r.json['host'] == seen
- @pytest.mark.skip(reason="needs backport of r1903167")
def test_proxy_01_003(self, env):
domain = f"test1.{env.http_tld}"
conf = HttpdConf(env)
Date: Tue Nov 29 13:21:06 2022
New Revision: 1905607
URL: http://svn.apache.org/viewvc?rev=1905607&view=rev
Log:
Merge r1903167 from trunk:
*) mod_ssl: fix for PR66190.
Submitted by: icing
Reviewed by: icing, rpluem, ylavic
Github: closes #326
Modified:
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c
httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Nov 29 13:21:06 2022
@@ -1,6 +1,12 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.55
+ *) mod_ssl: when a proxy connection had handled a request using SSL, an
+ error was logged when "SSLProxyEngine" was only configured in the
+ location/proxy section and not the overall server. The connection
+ continued to work, the error log was in error. Fixed PR66190.
+ [Stefan Eissing]
+
*) mod_http2: Export mod_http2.h as public header. [Stefan Eissing]
*) mod_md: a new directive `MDStoreLocks` can be used on cluster
Modified: httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/mod_ssl.c Tue Nov 29 13:21:06 2022
@@ -548,6 +548,13 @@ static int ssl_hook_ssl_bind_outgoing(co
int status;
sslconn = ssl_init_connection_ctx(c, per_dir_config, 1);
+ if (sslconn->ssl) {
+ /* we are already bound to this connection. We have rebound
+ * or removed the reference to a previous per_dir_config,
+ * there is nothing more to do. */
+ return OK;
+ }
+
status = ssl_engine_status(c, sslconn);
if (enable_ssl) {
if (status != OK) {
Modified: httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py?rev=1905607&r1=1905606&r2=1905607&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py (original)
+++ httpd/httpd/branches/2.4.x/test/modules/proxy/test_01_http.py Tue Nov 29 13:21:06 2022
@@ -71,7 +71,6 @@ class TestProxyHttp:
assert r.response["status"] == 200
assert r.json['host'] == seen
- @pytest.mark.skip(reason="needs backport of r1903167")
def test_proxy_01_003(self, env):
domain = f"test1.{env.http_tld}"
conf = HttpdConf(env)