diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2015-06-10 18:01:45 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2015-06-10 18:02:17 -0400 |
| commit | a62526d425dcbeaa1486cf685c2927afa0459e1d (patch) | |
| tree | 2898f59fbdc2cf7cd9f5184706d7cc05b12df4bb /nss_engine_kernel.c | |
| parent | cc9794ee5309782b5df1b782aa2e15bbd5068612 (diff) | |
| download | mod_nss-a62526d425dcbeaa1486cf685c2927afa0459e1d.tar.gz mod_nss-a62526d425dcbeaa1486cf685c2927afa0459e1d.tar.xz mod_nss-a62526d425dcbeaa1486cf685c2927afa0459e1d.zip | |
Add RenegBufferSize option
Control the buffer size used on a POST when SSL renegotiation is
being done. The default is 128K.
Resolves BZ 1214366
Diffstat (limited to 'nss_engine_kernel.c')
| -rw-r--r-- | nss_engine_kernel.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/nss_engine_kernel.c b/nss_engine_kernel.c index 337ca67..721eedb 100644 --- a/nss_engine_kernel.c +++ b/nss_engine_kernel.c @@ -351,9 +351,18 @@ int nss_hook_Access(request_rec *r) && strcmp(apr_table_get(r->headers_in, "content-length"), "0"))) && !r->expecting_100) { int rv; + apr_size_t rsize; - /* Fill the I/O buffer with the request body if possible. */ - rv = nss_io_buffer_fill(r); + rsize = dc->nRenegBufferSize == UNSET ? DEFAULT_RENEG_BUFFER_SIZE : + dc->nRenegBufferSize; + + if (rsize > 0) { + /* Fill the I/O buffer with the request body if possible. */ + rv = nss_io_buffer_fill(r, rsize); + } else { + /* If the reneg buffer size is set to zero, just fail. */ + rv = HTTP_REQUEST_ENTITY_TOO_LARGE; + } if (rv) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, |