Re: svn commit: r1874007 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_util_ocsp.c

Fri, 14 Feb 2020 09:09:50 -0800 

On 2/14/20 6:05 PM, Marion & Christophe JAILLET wrote:
> Hi,
> 
> purely speculative, but does a:
>    apr_table_set(headers, "Connection", "close");
> 
> around line 812 of md_oscp.c also makes sense?
> 
I think it makes absolutely sense.
 Giovanni

> CJ
> 
> Le 14/02/2020 à 10:38, rpl...@apache.org a écrit :
>> Author: rpluem
>> Date: Fri Feb 14 09:38:12 2020
>> New Revision: 1874007
>>
>> URL: http://svn.apache.org/viewvc?rev=1874007&view=rev
>> Log:
>> * modules/ssl/ssl_util_ocsp.c (serialize_request): Set the Connection header
>>    to close to indicate that we do not want to keep the HTTP connection to 
>> the
>>    OCSP responder alive. We don't reuse the connections currently and if the
>>    OCSP responder keeps the connection alive this could cause us to wait for
>>    keepalive timeout of the OCSP responder to timeout until we finish our
>>    reading of the OCSP response.
>>
>> PR: 64135
>>
>>
>> Modified:
>>      httpd/httpd/trunk/CHANGES
>>      httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
>>
>> Modified: httpd/httpd/trunk/CHANGES
>> URL: 
>> http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1874007&r1=1874006&r2=1874007&view=diff
>> ==============================================================================
>> --- httpd/httpd/trunk/CHANGES [utf-8] (original)
>> +++ httpd/httpd/trunk/CHANGES [utf-8] Fri Feb 14 09:38:12 2020
>> @@ -1,6 +1,9 @@
>>                                                            -*- coding: utf-8 
>> -*-
>>   Changes with Apache 2.5.1
>>   +  *) mod_ssl: Do not keep connections to OCSP responders alive when doing
>> +     OCSP requests.  PR 64135.  [Ruediger Pluem]
>> +
>>     *) mod_ssl: Disable client verification on ACME ALPN challenges. Fixes 
>> github
>>        issue mod_md#172 (https://github.com/icing/mod_md/issues/172).
>>        [Michael Kaufmann <mail michael-kaufmann.ch>, Stefan Eissing]
>>
>> Modified: httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
>> URL: 
>> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c?rev=1874007&r1=1874006&r2=1874007&view=diff
>> ==============================================================================
>> --- httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c (original)
>> +++ httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c Fri Feb 14 09:38:12 2020
>> @@ -46,6 +46,7 @@ static BIO *serialize_request(OCSP_REQUE
>>       BIO_printf(bio, "%s%s%s HTTP/1.0\r\n"
>>                  "Host: %s:%d\r\n"
>>                  "Content-Type: application/ocsp-request\r\n"
>> +               "Connection: close\r\n"
>>                  "Content-Length: %d\r\n"
>>                  "\r\n",
>>                  uri->path ? uri->path : "/",
>>
>>

Reply via email to