Context Navigation

Back to Ticket #285

Ticket #285: committed-patch-1.4.19.patch

File committed-patch-1.4.19.patch, 2.9 kB (added by hoffie, 6 months ago)
backport to 1.4.19 of the patch which actually got committed

NEWS

diff -r ade3eead0e8d -r 82c24356bcd0 NEWS

a	b
8	8	* added support for If-Range: <date> (#1346)
9	9	* added support for matching $HTTP["scheme"] in configs
10	10	* fixed initgroups() called after chroot (#1384)
	11	* Fix #285 again: read error after SSL_shutdown (thx marton.illes@balabit.com) and clear the error queue before some other calls
11	12	* fixed case-sensitive check for Auth-Method (#1456)
12	13	* execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
13	14	* fixed a bug that made /-prefixed extensions being handled also when

src/connections.c

diff -r ade3eead0e8d -r 82c24356bcd0 src/connections.c

a	b
199	199
200	200	/* don't resize the buffer if we were in SSL_ERROR_WANT_* */
201	201
	202	ERR_clear_error();
202	203	do {
203	204	if (!con->ssl_error_want_reuse_buffer) {
204	205	b = buffer_init();
…	…
1668	1669	}
1669	1670	#ifdef USE_OPENSSL
1670	1671	if (srv_sock->is_ssl) {
1671		int ret;
	1672	int ret, ssl_r;
	1673	unsigned long err;
	1674	ERR_clear_error();
1672	1675	switch ((ret = SSL_shutdown(con->ssl))) {
1673	1676	case 1:
1674	1677	/* ok */
1675	1678	break;
1676	1679	case 0:
1677		SSL_shutdown(con->ssl);
1678		break;
	1680	ERR_clear_error();
	1681	if (-1 != (ret = SSL_shutdown(con->ssl))) break;
	1682
	1683	// fall through
1679	1684	default:
1680		log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
1681		SSL_get_error(con->ssl, ret),
1682		ERR_error_string(ERR_get_error(), NULL));
1683		return -1;
	1685
	1686	switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
	1687	case SSL_ERROR_WANT_WRITE:
	1688	case SSL_ERROR_WANT_READ:
	1689	break;
	1690	case SSL_ERROR_SYSCALL:
	1691	/* perhaps we have error waiting in our error-queue */
	1692	if (0 != (err = ERR_get_error())) {
	1693	do {
	1694	log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
	1695	ssl_r, ret,
	1696	ERR_error_string(err, NULL));
	1697	} while((err = ERR_get_error()));
	1698	} else {
	1699	log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
	1700	ssl_r, r, errno,
	1701	strerror(errno));
	1702	}
	1703
	1704	break;
	1705	default:
	1706	while((err = ERR_get_error())) {
	1707	log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
	1708	ssl_r, ret,
	1709	ERR_error_string(err, NULL));
	1710	}
	1711
	1712	break;
	1713	}
1684	1714	}
1685	1715	}
	1716	ERR_clear_error();
1686	1717	#endif
1687	1718
1688	1719	switch(con->mode) {

src/network_openssl.c

diff -r ade3eead0e8d -r 82c24356bcd0 src/network_openssl.c

a	b
85	85	*
86	86	*/
87	87
	88	ERR_clear_error();
88	89	if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
89	90	unsigned long err;
90	91
…	…
187	188
188	189	close(ifd);
189	190
	191	ERR_clear_error();
190	192	if ((r = SSL_write(ssl, s, toSend)) <= 0) {
191	193	unsigned long err;
192	194

Download in other formats:

Original Format