httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 46508] New: svn checkin 726109 (add SSLRenegBufferSize) bug, backport
Date Sat, 10 Jan 2009 13:28:15 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=46508

           Summary: svn checkin 726109 (add SSLRenegBufferSize) bug,
                    backport
           Product: Apache httpd-2
           Version: 2.3-HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: tlhackque@yahoo.com


Created an attachment (id=23104)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=23104)
Backport of commit to 2.2.6 with fix

Implementation of SSLRenegBufferSize in svn checkin 726109 was VERY welcome.

I run 2.2.6 (Fedora), and have backported the fix.

However, this uncovered a bug which applies to the checkin as well.

The bug is that the code to default the buffer size is wrong.  Because the
per-directory structure member nRenegBufferSize is initialized to
DEFAULT_RENEG_BUFFER_SIZE, cfgMergeInt will never override it with the
directive value specified at a lower level.

The fix is to initialize it to UNSET and handle the defaulting at point of use.

I have attached the full backport patch file (with fix).

To ease merging it into the trunk, the following is a diff of the backport
>patch< file before vs. after this fix.

I trust that this will be useful & that someone with commit privs will apply
this to the source tree.

 diff ssl_post_renegotiate.patch.yours-backported
ssl_post_renegotiate.patch.mine
34c34 { modules/ssl/ssl_engine_config.c }
< +    dc->nRenegBufferSize = DEFAULT_RENEG_BUFFER_SIZE;
---
> +    dc->nRenegBufferSize = UNSET;
166c166 { modules/ssl/ssl_engine_kernel.c }
< @@ -510,15 +510,21 @@
---
> @@ -510,14 +510,23 @@
175c175,178
< +     if (dc->nRenegBufferSize > 0) {
---
> +     int rsize;
> +     rsize = dc->nRenegBufferSize;
> +     if( rsize == UNSET ) { rsize = DEFAULT_RENEG_BUFFER_SIZE; }
> +     if (rsize > 0) {
177c180
< +       rv = ssl_io_buffer_fill(r, dc->nRenegBufferSize);
---
> +       rv = ssl_io_buffer_fill(r, rsize);


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message