Commit ac395ae9 authored by Bradley Nicholes's avatar Bradley Nicholes
Browse files

Track the status of an upgradeable socket so that the http_method and...

Track the status of an upgradeable socket so that the http_method and default_port hooks will report the correct information.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105458 13f79535-47bb-0310-9956-ffa450edef68
parent 3e62e576
Loading
Loading
Loading
Loading
+26 −4
Original line number Diff line number Diff line
@@ -89,6 +89,7 @@ module AP_MODULE_DECLARE_DATA nwssl_module;
typedef struct NWSSLSrvConfigRec NWSSLSrvConfigRec;
typedef struct seclisten_rec seclisten_rec;
typedef struct seclistenup_rec seclistenup_rec;
typedef struct secsocket_data secsocket_data;

struct seclisten_rec {
    seclisten_rec *next;
@@ -114,6 +115,11 @@ struct NWSSLSrvConfigRec {
	apr_pool_t *pPool;
};

struct secsocket_data {
    apr_socket_t* csd;
    int is_secure;
};

static apr_array_header_t *certlist = NULL;
static unicode_t** certarray = NULL;
static int numcerts = 0;
@@ -593,7 +599,11 @@ static int nwssl_pre_connection(conn_rec *c, void *csd)
        convert_secure_socket(c, (apr_socket_t*)csd);
    }
    else {
        ap_set_module_config(c->conn_config, &nwssl_module, csd);
        secsocket_data *csd_data = apr_palloc(c->pool, sizeof(secsocket_data));

        csd_data->csd = (apr_socket_t*)csd;
        csd_data->is_secure = 0;
        ap_set_module_config(c->conn_config, &nwssl_module, (void*)csd_data);
    }
    
    return OK;
@@ -730,11 +740,18 @@ static int isSecureUpgradeable (const request_rec *r)
	return isSecureConnUpgradeable (r->server, r->connection);
}

static int isSecureUpgraded (const request_rec *r)
{
    secsocket_data *csd_data = (secsocket_data*)ap_get_module_config(r->connection->conn_config, &nwssl_module);

	return csd_data->is_secure;
}

static int nwssl_hook_Fixup(request_rec *r)
{
    int i;

    if (!isSecure(r))
    if (!isSecure(r) && !isSecureUpgraded(r))
        return DECLINED;

    apr_table_set(r->subprocess_env, "HTTPS", "on");
@@ -744,7 +761,7 @@ static int nwssl_hook_Fixup(request_rec *r)

static const char *nwssl_hook_http_method (const request_rec *r)
{
    if (isSecure(r))
    if (isSecure(r) && !isSecureUpgraded(r))
        return "https";

    return NULL;
@@ -984,6 +1001,7 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
    char *token_string;
    char *token;
    char *token_state;
    secsocket_data *csd_data;

    /* Just remove the filter, if it doesn't work the first time, it won't
     * work at all for this request.
@@ -1022,7 +1040,8 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
    apr_table_unset(r->headers_out, "Upgrade");

    if (r) {
        csd = (apr_socket_t*)ap_get_module_config(r->connection->conn_config, &nwssl_module);
        csd_data = (secsocket_data*)ap_get_module_config(r->connection->conn_config, &nwssl_module);
        csd = csd_data->csd;
    }
    else {
        ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
@@ -1059,6 +1078,9 @@ static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,


        ret = SSLize_Socket(sockdes, key, r);
        if (!ret) {
            csd_data->is_secure = 1;
        }
    }
    else {
        ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,