diff options
| author | rcritten <> | 2006-08-09 20:11:45 +0000 |
|---|---|---|
| committer | rcritten <> | 2006-08-09 20:11:45 +0000 |
| commit | a2c56687f17bdefe258c63b17264d80be2cbd44c (patch) | |
| tree | 21a4cc83b8f4aeae50778f598faea587d585e91c /mod_nss.h | |
| parent | ecf3a7e8c544b351ed3923ff01806759e7abbb75 (diff) | |
| download | mod_nss-a2c56687f17bdefe258c63b17264d80be2cbd44c.tar.gz mod_nss-a2c56687f17bdefe258c63b17264d80be2cbd44c.tar.xz mod_nss-a2c56687f17bdefe258c63b17264d80be2cbd44c.zip | |
Merge in changes from http://svn.apache.org/viewvc?view=rev&revision=290965
Implement a (bounded) buffer of request body data to provide a limited
but safe fix for the mod_nss renegotiation-vs-requests-with-bodies
bug:
* mod_nss.h (nss_io_buffer_fill): Add prototype.
* nss_engine_io.c (nss_io_buffer_fill,
nss_io_filter_buffer): New functions.
* nss_engine_kernel.c (nss_hook_Access): If a renegotiation is needed,
and the request has a non-zero content-length, or a t-e header (and
100-continue was not requested), call nss_io_buffer_fill to set aside
the request body data if possible, then proceed with the negotiation.
PR: 12355
Diffstat (limited to 'mod_nss.h')
| -rw-r--r-- | mod_nss.h | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -447,6 +447,10 @@ apr_file_t *nss_util_ppopen(server_rec *, apr_pool_t *, const char *, void nss_util_ppclose(server_rec *, apr_pool_t *, apr_file_t *); char *nss_util_readfilter(server_rec *, apr_pool_t *, const char *, const char * const *); +/* ssl_io_buffer_fill fills the setaside buffering of the HTTP request + * to allow an SSL renegotiation to take place. */ +int nss_io_buffer_fill(request_rec *r); + int nss_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix); /* Pass Phrase Handling */ |