From 8862f2951622032c3b4517ff14e36e4043e84a35 Mon Sep 17 00:00:00 2001 From: Nokis Mavrogiannopoulos Date: Sun, 4 Jan 2009 15:52:40 +0000 Subject: Added patch to fix issue with mod_proxy. Investigation and patch by Alain Knaff. It seems that the reason for this behavior is that the mgs_hook_pre_connection is being called both for incoming and outgoing (mod_proxy) connections. The attached patch (mod_proxy.patch) tries to find out in which case we are, and returns OK without doing anything if it is an outgoing connection. The method of telling both cases apart (namely, checking whether remote address' hostname is set) may seem somewhat hackish, but it does work, even if HostnameLookups is set to On. If ever there is a problem with this method, we might need to check local port instead (whether it is 443), but that would break if a non-standard https port was used. --- src/gnutls_hooks.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 3fa7041..e671a60 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c @@ -686,6 +686,10 @@ int mgs_hook_pre_connection(conn_rec * c, void *csd) return DECLINED; } + if(c->remote_addr->hostname) + /* Connection initiated by Apache (mod_proxy) => ignore */ + return OK; + ctxt = create_gnutls_handle(c->pool, c); ap_set_module_config(c->conn_config, &gnutls_module, ctxt); -- cgit