SSL_do_handshake can fail with 0 or <0 status codes.

spotted and fixed by rpluem@ git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908936 13f79535-47bb-0310-9956-ffa450edef68
author: Giovanni Bechis <gbechis@apache.org> 2023-04-03 09:03:51 +0000
committer: Giovanni Bechis <gbechis@apache.org> 2023-04-03 09:03:51 +0000
commit: 11284b9d3b103e54a3f0e50f8259b77c36db955d (patch)
tree: e79eb8486198b8ed7b487b86e02cf05a32d3465c /modules
parent: 7a680577b18547409e3ff08071da08146aa907a1 (diff)
download: httpd-11284b9d3b103e54a3f0e50f8259b77c36db955d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 27c1d2383a..f63865c37a 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -997,7 +997,7 @@ static int ssl_hook_Access_classic(request_rec *r, SSLSrvConfigRec *sc, SSLDirCo
              * handshake to proceed. */
             modssl_set_reneg_state(sslconn, RENEG_ALLOW);
 
-            if(!SSL_renegotiate(ssl) || !SSL_do_handshake(ssl) || !SSL_is_init_finished(ssl)) {
+            if(!SSL_renegotiate(ssl) || (SSL_do_handshake(ssl) != 1) || !SSL_is_init_finished(ssl)) {
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02225)
                               "Re-negotiation request failed");
                 ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);
author	Giovanni Bechis <gbechis@apache.org>	2023-04-03 09:03:51 +0000
committer	Giovanni Bechis <gbechis@apache.org>	2023-04-03 09:03:51 +0000
commit	11284b9d3b103e54a3f0e50f8259b77c36db955d (patch)
tree	e79eb8486198b8ed7b487b86e02cf05a32d3465c /modules
parent	7a680577b18547409e3ff08071da08146aa907a1 (diff)
download	httpd-11284b9d3b103e54a3f0e50f8259b77c36db955d.tar.gz