Re: svn commit: r1870095 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
On Mon, Aug 17, 2020 at 02:07:33PM +0200, Ruediger Pluem wrote: > On 11/21/19 4:51 PM, jor...@apache.org wrote: > > Author: jorton > > Date: Thu Nov 21 15:51:32 2019 > > New Revision: 1870095 > > > > URL: http://svn.apache.org/viewvc?rev=1870095=rev ... > > @@ -1132,6 +1144,17 @@ static int ssl_hook_Access_modern(reques > > } > > } > > > > +/* Fill reneg buffer if required. */ > > +if (change_vmode) { > > Why can't we put this block below the > > if (change_vmode) > > a few lines below? Good question, thanks for the review. No good reason, and moving the call after the r->connection->master test is presumably better. Done in r1880927. Regards, Joe
Re: svn commit: r1870095 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
On 11/21/19 4:51 PM, jor...@apache.org wrote: > Author: jorton > Date: Thu Nov 21 15:51:32 2019 > New Revision: 1870095 > > URL: http://svn.apache.org/viewvc?rev=1870095=rev > Log: > Buffer HTTP request bodies for TLSv1.3 PHA in the same way as for > TLSv<1.3 renegotiation. > > * modules/ssl/ssl_engine_kernel.c (fill_reneg_buffer): Factor > out... > (ssl_hook_Access_classic): ... from here. > (ssl_hook_Access_modern): Use it here too. > > Github: closes #75 > > Modified: > httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c > > Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1870095=1870094=1870095=diff > == > --- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original) > +++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Thu Nov 21 15:51:32 2019 > @@ -1132,6 +1144,17 @@ static int ssl_hook_Access_modern(reques > } > } > > +/* Fill reneg buffer if required. */ > +if (change_vmode) { Why can't we put this block below the if (change_vmode) a few lines below? > +rc = fill_reneg_buffer(r, dc); > +if (rc) { > +ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO() > + "could not buffer message body to allow " > + "TLS Post-Handshake Authentication to > proceed"); > +return rc; > +} > +} > + > if (change_vmode) { > char peekbuf[1]; Regards RĂ¼diger