Module Name:    src
Committed By:   spz
Date:           Thu Aug 20 05:46:31 UTC 2020

Modified Files:
        src/libexec/httpd: bozohttpd.c bozohttpd.h cgi-bozo.c ssl-bozo.c

Log Message:
send close_notify for the ssl connection before closing the TCP connection
Thanks to Dr. Thomas Orgis for reporting the issue.


To generate a diff of this commit:
cvs rdiff -u -r1.117 -r1.118 src/libexec/httpd/bozohttpd.c
cvs rdiff -u -r1.62 -r1.63 src/libexec/httpd/bozohttpd.h
cvs rdiff -u -r1.49 -r1.50 src/libexec/httpd/cgi-bozo.c
cvs rdiff -u -r1.26 -r1.27 src/libexec/httpd/ssl-bozo.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/libexec/httpd/bozohttpd.c
diff -u src/libexec/httpd/bozohttpd.c:1.117 src/libexec/httpd/bozohttpd.c:1.118
--- src/libexec/httpd/bozohttpd.c:1.117	Mon Jul 13 09:38:57 2020
+++ src/libexec/httpd/bozohttpd.c	Thu Aug 20 05:46:31 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: bozohttpd.c,v 1.117 2020/07/13 09:38:57 jruoho Exp $	*/
+/*	$NetBSD: bozohttpd.c,v 1.118 2020/08/20 05:46:31 spz Exp $	*/
 
 /*	$eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $	*/
 
@@ -1912,6 +1912,8 @@ bozo_process_request(bozo_httpreq_t *req
  cleanup:
 	close(fd);
  cleanup_nofd:
+	/* If SSL enabled send close_notify. */
+	bozo_ssl_shutdown(request->hr_httpd);
 	close(STDIN_FILENO);
 	close(STDOUT_FILENO);
 	/*close(STDERR_FILENO);*/
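Review bot: bozo_ssl_shutdown() at `cleanup_nofd` is unconditional, so it may also run after a TLS read or write has already failed fatally; whether error exits reach this label is not visible in the hunk. OpenSSL documents that SSL_shutdown() must not be called once SSL_get_error() has reported SSL_ERROR_SYSCALL or SSL_ERROR_SSL on the connection, so the helper or this call site should probably skip the alert in that case. The same unconditional call is added in bozo_process_cgi in cgi-bozo.c. The comment could also say why the alert matters, e.g. `/* Send close_notify so the client can tell a complete response from a truncated one. */`. The body of bozo_process_request starts and ends outside this hunk.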

Index: src/libexec/httpd/bozohttpd.h
diff -u src/libexec/httpd/bozohttpd.h:1.62 src/libexec/httpd/bozohttpd.h:1.63
--- src/libexec/httpd/bozohttpd.h:1.62	Sat Jul 11 08:10:52 2020
+++ src/libexec/httpd/bozohttpd.h	Thu Aug 20 05:46:31 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: bozohttpd.h,v 1.62 2020/07/11 08:10:52 jruoho Exp $	*/
+/*	$NetBSD: bozohttpd.h,v 1.63 2020/08/20 05:46:31 spz Exp $	*/
 
 /*	$eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $	*/
 
@@ -312,6 +312,7 @@ char	*bozostrdup(bozohttpd_t *, bozo_htt
 #define bozo_ssl_set_ciphers(w, x)			bozo_noop
 #define bozo_ssl_init(x)				bozo_noop
 #define bozo_ssl_accept(x)				(0)
+#define bozo_ssl_shutdown(x)				bozo_noop
 #define bozo_ssl_destroy(x)				bozo_noop
 #define have_ssl					(0)
 #else
@@ -319,6 +320,7 @@ void	bozo_ssl_set_opts(bozohttpd_t *, co
 void	bozo_ssl_set_ciphers(bozohttpd_t *, const char *);
 void	bozo_ssl_init(bozohttpd_t *);
 int	bozo_ssl_accept(bozohttpd_t *);
+void	bozo_ssl_shutdown(bozohttpd_t *);
 void	bozo_ssl_destroy(bozohttpd_t *);
 #define have_ssl					(1)
 #endif

Index: src/libexec/httpd/cgi-bozo.c
diff -u src/libexec/httpd/cgi-bozo.c:1.49 src/libexec/httpd/cgi-bozo.c:1.50
--- src/libexec/httpd/cgi-bozo.c:1.49	Fri Dec  6 05:53:20 2019
+++ src/libexec/httpd/cgi-bozo.c	Thu Aug 20 05:46:31 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: cgi-bozo.c,v 1.49 2019/12/06 05:53:20 mrg Exp $	*/
+/*	$NetBSD: cgi-bozo.c,v 1.50 2020/08/20 05:46:31 spz Exp $	*/
 
 /*	$eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $	*/
 
@@ -637,6 +637,8 @@ bozo_process_cgi(bozo_httpreq_t *request
 		/* child reader/writer */
 		close(STDIN_FILENO);
 		finish_cgi_output(httpd, request, sv[0], nph);
+		/* if we do SSL, send a SSL_shutdown now */
+		bozo_ssl_shutdown(request->hr_httpd);
 		/* if we're done output, our parent is useless... */
 		kill(getppid(), SIGKILL);
 		debug((httpd, DEBUG_FAT, "done processing cgi output"));

Index: src/libexec/httpd/ssl-bozo.c
diff -u src/libexec/httpd/ssl-bozo.c:1.26 src/libexec/httpd/ssl-bozo.c:1.27
--- src/libexec/httpd/ssl-bozo.c:1.26	Thu Feb 28 08:28:21 2019
+++ src/libexec/httpd/ssl-bozo.c	Thu Aug 20 05:46:31 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssl-bozo.c,v 1.26 2019/02/28 08:28:21 mrg Exp $	*/
+/*	$NetBSD: ssl-bozo.c,v 1.27 2020/08/20 05:46:31 spz Exp $	*/
 
 /*	$eterna: ssl-bozo.c,v 1.15 2011/11/18 09:21:15 mrg Exp $	*/
 
@@ -287,6 +287,15 @@ bozo_ssl_accept(bozohttpd_t *httpd)
 }
 
 void
+bozo_ssl_shutdown(bozohttpd_t *httpd)
+{
+	const sslinfo_t *sslinfo = httpd->sslinfo;
+
+	if (sslinfo && sslinfo->bozossl)
+		SSL_shutdown(sslinfo->bozossl);
+}
+
+void
 bozo_ssl_destroy(bozohttpd_t *httpd)
 {
 	const sslinfo_t *sslinfo = httpd->sslinfo;
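Review bot: bozo_ssl_shutdown() discards the result of SSL_shutdown(), so a failure to send close_notify is silent. A single call is enough for a one-way shutdown (a return of 0 means our alert went out and the peer's has not arrived yet), but that intent is not written down and a negative return is not distinguished from success. I would make it explicit, e.g. `if (SSL_shutdown(sslinfo->bozossl) < 0) debug((httpd, DEBUG_FAT, "SSL_shutdown failed"));` assuming the debug() macro is usable in this file, and add a comment such as `/* one-way shutdown: send our close_notify, do not wait for the peer's */`. bozo_ssl_destroy's body continues past the end of the hunk.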
