From 56f36286c885bf4e3d53083dcc32ba6eb4a0797f Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 04 Jan 2009 15:52:40 +0000
Subject: Added patch to fix issue with mod_proxy. Investigation and patch by Alain Knaff.

It seems that the reason for this behavior is that the mgs_hook_pre_connection is being called both for incoming and outgoing (mod_proxy) connections.

The attached patch (mod_proxy.patch) tries to find out in which case we are, and returns OK without doing anything if it is an outgoing connection.

The method of telling both cases apart (namely, checking whether remote address' hostname is set) may seem somewhat hackish, but it does work, even if
HostnameLookups is set to On.

If ever there is a problem with this method, we might need to check local port instead (whether it is 443), but that would break if a non-standard https port was used.


---
(limited to 'src/gnutls_hooks.c')

diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 3fa7041..e671a60 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -686,6 +686,10 @@ int mgs_hook_pre_connection(conn_rec * c, void *csd)
 	return DECLINED;
     }
 
+    if(c->remote_addr->hostname)
+      /* Connection initiated by Apache (mod_proxy) => ignore */
+      return OK;
+
     ctxt = create_gnutls_handle(c->pool, c);
 
     ap_set_module_config(c->conn_config, &gnutls_module, ctxt);
--
cgit v0.9.2