diff options
author | Ruediger Pluem <rpluem@apache.org> | 2010-12-29 09:43:56 +0000 |
---|---|---|
committer | Ruediger Pluem <rpluem@apache.org> | 2010-12-29 09:43:56 +0000 |
commit | 2eb8e09fe707cdcff490b7edd65baa208e845690 (patch) | |
tree | 777b7f1ad46cb9d7edf248a8c46992341b007866 | |
parent | e79c7937407bc9ca60ed2c5e511bd6ffa9ed59ad (diff) | |
download | httpd-2eb8e09fe707cdcff490b7edd65baa208e845690.tar.gz |
* Fix r1039304 and make the patch similar to the one proposed for
2.2.x: If the SSL handshake to the backend fails we cannot even
sent an HTTP request. So the check needs to happen already when
we sent data not when we receive data.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053584 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | modules/proxy/mod_proxy_http.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c index e661f34e45..9aa168697f 100644 --- a/modules/proxy/mod_proxy_http.c +++ b/modules/proxy/mod_proxy_http.c @@ -271,10 +271,16 @@ static int pass_brigade(apr_bucket_alloc_t *bucket_alloc, ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server, "proxy: pass request body failed to %pI (%s)", conn->addr, conn->hostname); - if (origin->aborted) { + if (origin->aborted) { + if (strcmp(apr_table_get(origin->notes, + "SSL_connect_rv"), "err") == 0) { + return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, + "Error during SSL Handshake with" + " remote server"); + } return APR_STATUS_IS_TIMEUP(status) ? HTTP_GATEWAY_TIME_OUT : HTTP_BAD_GATEWAY; } - else { + else { return HTTP_BAD_REQUEST; } } @@ -1469,12 +1475,6 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r, return ap_proxyerror(r, HTTP_SERVICE_UNAVAILABLE, "Timeout on 100-Continue"); } } - else if (strcmp(apr_table_get(backend->connection->notes, - "SSL_connect_rv"), "err") == 0) { - return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, - "Error during SSL Handshake with" - " remote server"); - } /* * If we are a reverse proxy request shutdown the connection * WITHOUT ANY response to trigger a retry by the client |