mod_ssl (ssl_engine_io.c: bio_filter_out_write, bio_filter_in_read)

                                                         -*- coding: utf-8 -*-

Changes with Apache 2.4.38

  *) mod_ssl: Clear retry flag before aborting client-initiated renegotiation.

     PR 63052 [Joe Orton]

  *) mod_negotiation: Treat LanguagePriority as case-insensitive to match

     AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet]

PATCHES ACCEPTED TO BACKPORT FROM TRUNK:

  [ start all new proposals below, under PATCHES PROPOSED. ]

  *) mod_ssl (ssl_engine_io.c: bio_filter_out_write, bio_filter_in_read)

     Clear retry flags before aborting on client-initiated reneg. [Joe Orton]

     PR: 63052

     trunk patch: http://svn.apache.org/r1850946

     2.4.x patch: svn merge -c 1850946 ^/httpd/httpd/trunk .

     +1: wrowe, jorton, rpluem

PATCHES PROPOSED TO BACKPORT FROM TRUNK:

  [ New proposals should be added at the end of the list ]

    apr_bucket *e;

    int need_flush;

    BIO_clear_retry_flags(bio);

    /* Abort early if the client has initiated a renegotiation. */

    if (outctx->filter_ctx->config->reneg_state == RENEG_ABORT) {

        outctx->rc = APR_ECONNABORTED;

        return -1;

    }

    /* when handshaking we'll have a small number of bytes.

     * max size SSL will pass us here is about 16k.

     * (16413 bytes to be exact)

     */

    BIO_clear_retry_flags(bio);

    /* Use a transient bucket for the output data - any downstream

     * filter must setaside if necessary. */

    e = apr_bucket_transient_create(in, inl, outctx->bb->bucket_alloc);

    if (!in)

        return 0;

    BIO_clear_retry_flags(bio);

    /* Abort early if the client has initiated a renegotiation. */

    if (inctx->filter_ctx->config->reneg_state == RENEG_ABORT) {

        inctx->rc = APR_ECONNABORTED;

        return -1;

    }

    BIO_clear_retry_flags(bio);

    if (!inctx->bb) {

        inctx->rc = APR_EOF;

        return -1;