* ssl_engine_io.c (ssl_filter_write, ssl_io_filter_output): Don't dereference the BIOs in filter_ctx when filter_ctx->pssl is NULL.
Index: ssl_engine_io.c ===================================================================
+1 for your patch... it is a cleaner patch than what the PR reporter provided in http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21370
With sufficient caffeine, I see that the patch I posted to set c->aborted in a couple of places is different than the one the PR reporter had posted (I said it was his because I thought they were the same and I couldn't recall whether I came up with the idea before/after I saw his patch :) )
So my patch posted earlier in this thread is a second patch to commit...
There is still part of the PR reporter's patch that is unaccounted for:
Diff:
diff -c -r1.2 -r1.3
*** ssl_engine_io.c 2003/04/16 14:14:39 1.2
--- ssl_engine_io.c 2003/07/03 11:36:24 1.3
***************
*** 1112,1117 ****
--- 1122,1129 ----
inctx->rc = APR_EGENERAL;
}+ /* 2.7.2003/hk,mv: handshake failed, close the connection */
+ c->aborted=1;
return ssl_filter_io_shutdown(filter_ctx, c, 1);
}***************
*** 1153,1158 ****
--- 1165,1172 ----
error ? error : "unknown");
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);+ /* 2.7.2003/hk,mv: no client cert, close the connection
*/
+ c->aborted=1;
return ssl_filter_io_shutdown(filter_ctx, c, 1);
}
}
I didn't need this change in my testing, but it looks to me that it is proper for c->aborted to be set on this path, and that ssl_filter_io_shutdown() should do the setting instead of putting it here since any time ssl_filter_io_shutdown() is called it is appropriate for c->aborted to be set.
I will be off the net for 10 days starting this afternoon and have some crucial stuff to do in the meantime (find passport, pack, etc.). If I haven't committed this stuff yet, go for it. If I have, my apologies to everyone if something breaks :)
