diff options
author | Graham Leggett <minfrin@apache.org> | 2022-01-22 22:02:11 +0000 |
---|---|---|
committer | Graham Leggett <minfrin@apache.org> | 2022-01-22 22:02:11 +0000 |
commit | 204b709eef975cd7dfb86709cb1b4d61148953d9 (patch) | |
tree | 62493147d9020ad4d8075888e1a856c2a84c90c4 | |
parent | 82cba5c0ebbea53f7ae74a9c6cb5402c38e7f8bf (diff) | |
download | httpd-204b709eef975cd7dfb86709cb1b4d61148953d9.tar.gz |
mod_ssl: An edge case exists where SSL_read might return SSL_ERROR_WANT_READ
even in blocking BIO cases. Set guards so that an async MPM is not accessed
at this point. There is no need to set non blocking, mod_ssl's BIO already
knows how to do this.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1897356 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | modules/ssl/ssl_engine_io.c | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c index c693ad2a3a..c31f008f3f 100644 --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c @@ -796,7 +796,9 @@ static apr_status_t ssl_io_input_read(bio_filter_in_ctx_t *inctx, * (This is usually the case when the client forces an SSL * renegotiation which is handled implicitly by OpenSSL.) */ - inctx->c->cs->sense = CONN_SENSE_WANT_READ; + if (inctx->c->cs) { + inctx->c->cs->sense = CONN_SENSE_WANT_READ; + } inctx->rc = APR_EAGAIN; if (*len > 0) { @@ -817,7 +819,9 @@ static apr_status_t ssl_io_input_read(bio_filter_in_ctx_t *inctx, * (This is usually the case when the client forces an SSL * renegotiation which is handled implicitly by OpenSSL.) */ - inctx->c->cs->sense = CONN_SENSE_WANT_WRITE; + if (inctx->c->cs) { + inctx->c->cs->sense = CONN_SENSE_WANT_WRITE; + } inctx->rc = APR_EAGAIN; if (*len > 0) { @@ -983,7 +987,9 @@ static apr_status_t ssl_filter_write(ap_filter_t *f, * (This is usually the case when the client forces an SSL * renegotiation which is handled implicitly by OpenSSL.) */ - outctx->c->cs->sense = CONN_SENSE_WANT_READ; + if (outctx->c->cs) { + outctx->c->cs->sense = CONN_SENSE_WANT_READ; + } outctx->rc = APR_EAGAIN; ap_log_cerror(APLOG_MARK, APLOG_TRACE6, 0, outctx->c, "Want read during nonblocking write"); @@ -1516,7 +1522,9 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx) */ ap_log_cerror(APLOG_MARK, APLOG_TRACE6, 0, outctx->c, "Want read during nonblocking accept"); - outctx->c->cs->sense = CONN_SENSE_WANT_READ; + if (outctx->c->cs) { + outctx->c->cs->sense = CONN_SENSE_WANT_READ; + } outctx->rc = APR_EAGAIN; return APR_EAGAIN; } @@ -1526,7 +1534,9 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx) */ ap_log_cerror(APLOG_MARK, APLOG_TRACE6, 0, outctx->c, "Want write during nonblocking accept"); - outctx->c->cs->sense = CONN_SENSE_WANT_WRITE; + if (outctx->c->cs) { + outctx->c->cs->sense = CONN_SENSE_WANT_WRITE; + } outctx->rc = APR_EAGAIN; return APR_EAGAIN; } @@ -2362,13 +2372,6 @@ void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl) #endif BIO_set_data(filter_ctx->pbioWrite, (void *)bio_filter_out_ctx_new(filter_ctx, c)); - /* write is non blocking for the benefit of async mpm */ - if (c->cs) { - BIO_set_nbio(filter_ctx->pbioWrite, 1); - ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c, - "Enabling non-blocking writes"); - } - ssl_io_input_add_filter(filter_ctx, c, r, ssl); SSL_set_bio(ssl, filter_ctx->pbioRead, filter_ctx->pbioWrite); |