Changeset 07d548d in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Jan 26, 2015, 11:41:05 AM (5 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
5342265
Parents:
accbb83
Message:

Properly use SSLProxyEngine option

ssl_proxy_enable now checks if SSLProxyEngine is enabled, and fails with
an error log entry if not. If it is, TLS is enabled in the mod_gnutls
connection structure.

The pre connection hook (mgs_hook_pre_connection) is changed such that
it does not decline any connection whatsoever if TLS proxy is enabled.

Not that actually using TLS in a proxy backend is still unsupported and
will NOT work.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    raccbb83 r07d548d  
    753753        ap_get_module_config(c->conn_config, &gnutls_module);
    754754
    755     if ((sc && (!sc->enabled || sc->proxy_enabled == GNUTLS_ENABLED_TRUE))
    756         || (ctxt && ctxt->enabled == GNUTLS_ENABLED_FALSE))
     755    if ((sc && (!sc->enabled)) || (ctxt && ctxt->enabled == GNUTLS_ENABLED_FALSE))
    757756    {
    758757        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "%s declined connection",
Note: See TracChangeset for help on using the changeset viewer.