> -----Original Message----- > From: Daniel Ruggeri > Sent: Donnerstag, 25. November 2010 16:01 > To: [email protected] > Subject: Re: Making mod_proxy_http more aware of SSL > > > On 11/25/2010 4:14 AM, "Plüm, Rüdiger, VF-Group" wrote: > > the following seems better: > > > > > > + else > if(strcmp(apr_table_get(backend->connection->notes, > "SSL_connect_rv"), "err") == 0) { > > + return ap_proxyerror(r, > HTTP_INTERNAL_SERVER_ERROR, > > + "Error during SSL > Handshake with remote server"); > > + > > > > > > Regards > > > > Rüdiger > > I agree that the message should be logged as such since > logging higher > than INFO would hide the actual SSL error from mod_ssl. My > focus though > is on marking the backend server out of service as you can't > communicate > unless the SSL transport has been established (essentially a > failure to > connect). Nothing else in the request/response cycle in > mod_proxy_http > does this due to handshake errors and this spot seems to be the very > first place we can actually check for that condition. > > I have updated the patches to log your suggested message > after marking > the workers to be in error state.
The loggers get in error state automatically when you call ap_proxyerror with HTTP_INTERNAL_SERVER_ERROR. No need to do it manually. Regards Rüdiger
