httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mad...@apache.org
Subject cvs commit: httpd-2.0/modules/ssl ssl_engine_io.c
Date Sat, 28 Feb 2004 00:45:26 GMT
madhum      2004/02/27 16:45:26

  Modified:    .        CHANGES
               include  http_connection.h
               server   connection.c core.c
               modules/ssl ssl_engine_io.c
  Log:
  Send the 'Close Alert' message to the peer upon closing a SSL session. This
  required creating a new EOC (End-Of-Connection) bucket type to notify mod_ssl
  that the connection is about to be closed.
  
  Reviewed by: Joe Orton, Justin Erenkrantz
  
  Revision  Changes    Path
  1.1411    +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1410
  retrieving revision 1.1411
  diff -u -r1.1410 -r1.1411
  --- CHANGES	26 Feb 2004 20:36:29 -0000	1.1410
  +++ CHANGES	28 Feb 2004 00:45:25 -0000	1.1411
  @@ -2,6 +2,9 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) mod_ssl: Send the Close Alert message to the peer before closing
  +     the SSL session. [Madhusudan Mathihalli, Joe Orton]
  +
     *) mod_setenvif: Remove "support" for Remote_User variable which
        never worked at all. PR 25725.  [André Malo]
   
  
  
  
  1.60      +28 -0     httpd-2.0/include/http_connection.h
  
  Index: http_connection.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/http_connection.h,v
  retrieving revision 1.59
  retrieving revision 1.60
  diff -u -r1.59 -r1.60
  --- http_connection.h	9 Feb 2004 20:38:21 -0000	1.59
  +++ http_connection.h	28 Feb 2004 00:45:26 -0000	1.60
  @@ -103,6 +103,34 @@
    */
   AP_DECLARE_HOOK(int,process_connection,(conn_rec *c))
   
  +/* End Of Connection (EOC) bucket */
  +
  +AP_DECLARE_DATA extern const apr_bucket_type_t ap_bucket_type_eoc;
  +
  +/**
  + * Determine if a bucket is an End Of Connection (EOC) bucket
  + * @param e The bucket to inspect
  + * @return true or false
  + */
  +#define AP_BUCKET_IS_EOC(e)         (e->type == &ap_bucket_type_eoc)
  +
  +/**
  + * Make the bucket passed in an End Of Connection (EOC) bucket
  + * @param b The bucket to make into an EOC bucket
  + * @return The new bucket, or NULL if allocation failed
  + * @deffunc apr_bucket *ap_bucket_eoc_make(apr_bucket *b)
  + */
  +AP_DECLARE(apr_bucket *) ap_bucket_eoc_make(apr_bucket *b);
  +
  +/**
  + * Create a bucket referring to an End Of Connection (EOC). This indicates
  + * that the connection will be closed.
  + * @param list The freelist from which this bucket should be allocated
  + * @return The new bucket, or NULL if allocation failed
  + * @deffunc apr_bucket *ap_bucket_eoc_create(apr_bucket_alloc_t *list)
  + */
  +AP_DECLARE(apr_bucket *) ap_bucket_eoc_create(apr_bucket_alloc_t *list);
  +
   #ifdef __cplusplus
   }
   #endif
  
  
  
  1.115     +7 -0      httpd-2.0/server/connection.c
  
  Index: connection.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/connection.c,v
  retrieving revision 1.114
  retrieving revision 1.115
  diff -u -r1.114 -r1.115
  --- connection.c	9 Feb 2004 20:40:49 -0000	1.114
  +++ connection.c	28 Feb 2004 00:45:26 -0000	1.115
  @@ -71,8 +71,15 @@
       apr_bucket *b;
   
       bb = apr_brigade_create(c->pool, c->bucket_alloc);
  +
  +    /* FLUSH bucket */
       b = apr_bucket_flush_create(c->bucket_alloc);
       APR_BRIGADE_INSERT_TAIL(bb, b);
  +
  +    /* End Of Connection bucket */
  +    b = apr_bucket_eoc_create(c->bucket_alloc);
  +    APR_BRIGADE_INSERT_TAIL(bb, b);
  +
       ap_pass_brigade(c->output_filters, bb);
   }
   
  
  
  
  1.262     +3 -0      httpd-2.0/server/core.c
  
  Index: core.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/core.c,v
  retrieving revision 1.261
  retrieving revision 1.262
  diff -u -r1.261 -r1.262
  --- core.c	19 Feb 2004 11:19:43 -0000	1.261
  +++ core.c	28 Feb 2004 00:45:26 -0000	1.262
  @@ -3854,6 +3854,9 @@
               if (APR_BUCKET_IS_EOS(e)) {
                   break;
               }
  +            if (AP_BUCKET_IS_EOC(e)) {
  +                apr_bucket_delete(e);
  +            }
               if (APR_BUCKET_IS_FLUSH(e)) {
                   if (e != APR_BRIGADE_LAST(b)) {
                       more = apr_brigade_split(b, APR_BUCKET_NEXT(e));
  
  
  
  1.119     +19 -1     httpd-2.0/modules/ssl/ssl_engine_io.c
  
  Index: ssl_engine_io.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_io.c,v
  retrieving revision 1.118
  retrieving revision 1.119
  diff -u -r1.118 -r1.119
  --- ssl_engine_io.c	25 Feb 2004 10:54:29 -0000	1.118
  +++ ssl_engine_io.c	28 Feb 2004 00:45:26 -0000	1.119
  @@ -100,6 +100,7 @@
       BIO                *pbioWrite;
       ap_filter_t        *pInputFilter;
       ap_filter_t        *pOutputFilter;
  +    int                nobuffer; /* non-zero to prevent buffering */
   } ssl_filter_ctx_t;
   
   typedef struct {
  @@ -193,7 +194,8 @@
        */
       BIO_clear_retry_flags(bio);
   
  -    if (!outctx->length && (inl + outctx->blen < sizeof(outctx->buffer)))
{
  +    if (!outctx->length && (inl + outctx->blen < sizeof(outctx->buffer))
&&
  +        !outctx->filter_ctx->nobuffer) {
           /* the first two SSL_writes (of 1024 and 261 bytes)
            * need to be in the same packet (vec[0].iov_base)
            */
  @@ -1395,6 +1397,22 @@
                    */
                   apr_bucket_delete(bucket);
               }
  +        }
  +        else if (AP_BUCKET_IS_EOC(bucket)) {
  +            /* The special "EOC" bucket means a shutdown is needed;
  +             * - turn off buffering in bio_filter_out_write
  +             * - issue the SSL_shutdown
  +             */
  +            filter_ctx->nobuffer = 1;
  +            status = ssl_filter_io_shutdown(filter_ctx, f->c, 0);
  +            if (status != APR_SUCCESS) {
  +                ap_log_error(APLOG_MARK, APLOG_INFO, status, NULL,
  +                             "SSL filter error shutting down I/O");
  +            }
  +            if ((status = ap_pass_brigade(f->next, bb)) != APR_SUCCESS) {
  +                return status;
  +            }
  +            break;
           }
           else {
               /* filter output */
  
  
  

Mime
View raw message