*) mod_md: fixed a bug leading to failed transfers for OCSP

stapling information when more than 6 certificates needed updates in the same run. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900628 13f79535-47bb-0310-9956-ffa450edef68
author: Stefan Eissing <icing@apache.org> 2022-05-06 13:09:46 +0000
committer: Stefan Eissing <icing@apache.org> 2022-05-06 13:09:46 +0000
commit: 2115b2996809459f31caad7ae7e1bc61c0cc7570 (patch)
tree: 47d517a7d56c8c3ee512f1c94e0914fba92e7f34
parent: e7dfa99412c862d89a9f8f0146653387f12ff74c (diff)
download: httpd-2115b2996809459f31caad7ae7e1bc61c0cc7570.tar.gz
4 files changed, 18 insertions, 23 deletions
diff --git a/changes-entries/md_ocsp_update.txt b/changes-entries/md_ocsp_update.txt
new file mode 100644
index 0000000000..474cb9016d
--- /dev/null
+++ b/changes-entries/md_ocsp_update.txt
@@ -0,0 +1,3 @@
+  *) mod_md:  fixed a bug leading to failed transfers for OCSP
+     stapling information when more than 6 certificates needed
+     updates in the same run. [Stefan Eissing]
diff --git a/modules/md/md_curl.c b/modules/md/md_curl.c
index e3f32d3548..3a69ad4d98 100644
--- a/modules/md/md_curl.c
+++ b/modules/md/md_curl.c
@@ -251,17 +251,18 @@ static apr_status_t internals_setup(md_http_request_t *req)
             rv = APR_EGENERAL;
             goto leave;
         }
-        curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_cb);
-        curl_easy_setopt(curl, CURLOPT_HEADERDATA, NULL);
-        curl_easy_setopt(curl, CURLOPT_READFUNCTION, req_data_cb);
-        curl_easy_setopt(curl, CURLOPT_READDATA, NULL);
-        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, resp_data_cb);
-        curl_easy_setopt(curl, CURLOPT_WRITEDATA, NULL);
     }
     else {
         md_log_perror(MD_LOG_MARK, MD_LOG_TRACE3, 0, req->pool, "reusing curl instance from http");
     }
 
+    curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_cb);
+    curl_easy_setopt(curl, CURLOPT_HEADERDATA, NULL);
+    curl_easy_setopt(curl, CURLOPT_READFUNCTION, req_data_cb);
+    curl_easy_setopt(curl, CURLOPT_READDATA, NULL);
+    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, resp_data_cb);
+    curl_easy_setopt(curl, CURLOPT_WRITEDATA, NULL);
+
     internals = apr_pcalloc(req->pool, sizeof(*internals));
     internals->curl = curl;
         
@@ -354,6 +355,9 @@ static apr_status_t update_status(md_http_request_t *req)
         rv = curl_status(curl_easy_getinfo(internals->curl, CURLINFO_RESPONSE_CODE, &l));
         if (APR_SUCCESS == rv) {
             internals->response->status = (int)l;
+            md_log_perror(MD_LOG_MARK, MD_LOG_TRACE3, rv, req->pool,
+                          "req[%d]: http status is %d",
+                          req->id, internals->response->status);
         }
     }
     return rv;
@@ -579,19 +583,7 @@ static void md_curl_req_cleanup(md_http_request_t *req)
     md_curl_internals_t *internals = req->internals;
     if (internals) {
         if (internals->curl) {
-            CURL *curl = md_http_get_impl_data(req->http);
-            if (curl == internals->curl) {
-                /* NOP: we have this curl at the md_http_t already */
-            }
-            else if (!curl) {
-                /* no curl at the md_http_t yet, install this one */
-                md_log_perror(MD_LOG_MARK, MD_LOG_TRACE3, 0, req->pool, "register curl instance at http");
-                md_http_set_impl_data(req->http, internals->curl);
-            }
-            else {
-                /* There already is a curl at the md_http_t and it's not this one. */
-                curl_easy_cleanup(internals->curl);
-            }
+            curl_easy_cleanup(internals->curl);
         }
         if (internals->req_hdrs) curl_slist_free_all(internals->req_hdrs);
         req->internals = NULL;
diff --git a/modules/md/md_ocsp.c b/modules/md/md_ocsp.c
index 6520c543a9..67c6e12d80 100644
--- a/modules/md/md_ocsp.c
+++ b/modules/md/md_ocsp.c
@@ -837,8 +837,8 @@ static apr_status_t next_todo(md_http_request_t **preq, void *baton,
             md_http_set_on_response_cb(req, ostat_on_resp, update);
             rv = APR_SUCCESS;
             md_log_perror(MD_LOG_MARK, MD_LOG_TRACE2, 0, req->pool,
-                          "scheduling OCSP request for %s, %d request in flight",
-                          ostat->md_name, in_flight);
+                          "scheduling OCSP request[%d] for %s, %d request in flight",
+                          req->id, ostat->md_name, in_flight);
         }
     }
 cleanup:
diff --git a/modules/md/md_version.h b/modules/md/md_version.h
index 92cad1b1cd..d634538e1a 100644
--- a/modules/md/md_version.h
+++ b/modules/md/md_version.h
@@ -27,7 +27,7 @@
  * @macro
  * Version number of the md module as c string
  */
-#define MOD_MD_VERSION "2.4.14"
+#define MOD_MD_VERSION "2.4.15"
 
 /**
  * @macro
@@ -35,7 +35,7 @@
  * release. This is a 24 bit number with 8 bits for major number, 8 bits
  * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
  */
-#define MOD_MD_VERSION_NUM 0x02040e
+#define MOD_MD_VERSION_NUM 0x02040f
 
 #define MD_ACME_DEF_URL         "https://acme-v02.api.letsencrypt.org/directory"
 #define MD_TAILSCALE_DEF_URL    "file://localhost/var/run/tailscale/tailscaled.sock"
author	Stefan Eissing <icing@apache.org>	2022-05-06 13:09:46 +0000
committer	Stefan Eissing <icing@apache.org>	2022-05-06 13:09:46 +0000
commit	2115b2996809459f31caad7ae7e1bc61c0cc7570 (patch)
tree	47d517a7d56c8c3ee512f1c94e0914fba92e7f34
parent	e7dfa99412c862d89a9f8f0146653387f12ff74c (diff)
download	httpd-2115b2996809459f31caad7ae7e1bc61c0cc7570.tar.gz