web/SOURCES/httpd-2.4.6-CVE-2017-3169.p...

diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index 85c6ce7..4a9fc9a 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -834,19 +834,20 @@ static apr_status_t ssl_filter_write(ap_filter_t *f,
  * establish an outgoing SSL connection. */
 #define MODSSL_ERROR_BAD_GATEWAY (APR_OS_START_USERERR + 1)
 
-static void ssl_io_filter_disable(SSLConnRec *sslconn, ap_filter_t *f)
+static void ssl_io_filter_disable(SSLConnRec *sslconn, 
+                                  bio_filter_in_ctx_t *inctx)
 {
-    bio_filter_in_ctx_t *inctx = f->ctx;
     SSL_free(inctx->ssl);
     sslconn->ssl = NULL;
     inctx->ssl = NULL;
     inctx->filter_ctx->pssl = NULL;
 }
 
-static apr_status_t ssl_io_filter_error(ap_filter_t *f,
+static apr_status_t ssl_io_filter_error(bio_filter_in_ctx_t *inctx,
                                         apr_bucket_brigade *bb,
                                         apr_status_t status)
 {
+    ap_filter_t *f = inctx->f;
     SSLConnRec *sslconn = myConnConfig(f->c);
     apr_bucket *bucket;
     int send_eos = 1;
@@ -860,7 +861,7 @@ static apr_status_t ssl_io_filter_error(ap_filter_t *f,
             ssl_log_ssl_error(SSLLOG_MARK, APLOG_INFO, sslconn->server);
 
             sslconn->non_ssl_request = NON_SSL_SEND_HDR_SEP;
-            ssl_io_filter_disable(sslconn, f);
+            ssl_io_filter_disable(sslconn, inctx);
 
             /* fake the request line */
             bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);
@@ -1342,7 +1343,7 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f,
      * rather than have SSLEngine On configured.
      */
     if ((status = ssl_io_filter_handshake(inctx->filter_ctx)) != APR_SUCCESS) {
-        return ssl_io_filter_error(f, bb, status);
+        return ssl_io_filter_error(inctx, bb, status);
     }
 
     if (is_init) {
@@ -1396,7 +1397,7 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f,
 
     /* Handle custom errors. */
     if (status != APR_SUCCESS) {
-        return ssl_io_filter_error(f, bb, status);
+        return ssl_io_filter_error(inctx, bb, status);
     }
 
     /* Create a transient bucket out of the decrypted data. */
@@ -1613,7 +1614,7 @@ static apr_status_t ssl_io_filter_output(ap_filter_t *f,
     inctx->block = APR_BLOCK_READ;
 
     if ((status = ssl_io_filter_handshake(filter_ctx)) != APR_SUCCESS) {
-        return ssl_io_filter_error(f, bb, status);
+        return ssl_io_filter_error(inctx, bb, status);
     }
 
     while (!APR_BRIGADE_EMPTY(bb)) {
httpd package update Signed-off-by: webbuilder_pel7x64builder0 <webbuilder@powerel.org> 6 years ago			`diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c`
			`index 85c6ce7..4a9fc9a 100644`
			`--- a/modules/ssl/ssl_engine_io.c`
			`+++ b/modules/ssl/ssl_engine_io.c`
			`@@ -834,19 +834,20 @@ static apr_status_t ssl_filter_write(ap_filter_t *f,`
			`* establish an outgoing SSL connection. */`
			`#define MODSSL_ERROR_BAD_GATEWAY (APR_OS_START_USERERR + 1)`

			`-static void ssl_io_filter_disable(SSLConnRec sslconn, ap_filter_t f)`
			`+static void ssl_io_filter_disable(SSLConnRec *sslconn,`
			`+ bio_filter_in_ctx_t *inctx)`
			`{`
			`- bio_filter_in_ctx_t *inctx = f->ctx;`
			`SSL_free(inctx->ssl);`
			`sslconn->ssl = NULL;`
			`inctx->ssl = NULL;`
			`inctx->filter_ctx->pssl = NULL;`
			`}`

			`-static apr_status_t ssl_io_filter_error(ap_filter_t *f,`
			`+static apr_status_t ssl_io_filter_error(bio_filter_in_ctx_t *inctx,`
			`apr_bucket_brigade *bb,`
			`apr_status_t status)`
			`{`
			`+ ap_filter_t *f = inctx->f;`
			`SSLConnRec *sslconn = myConnConfig(f->c);`
			`apr_bucket *bucket;`
			`int send_eos = 1;`
			`@@ -860,7 +861,7 @@ static apr_status_t ssl_io_filter_error(ap_filter_t *f,`
			`ssl_log_ssl_error(SSLLOG_MARK, APLOG_INFO, sslconn->server);`

			`sslconn->non_ssl_request = NON_SSL_SEND_HDR_SEP;`
			`- ssl_io_filter_disable(sslconn, f);`
			`+ ssl_io_filter_disable(sslconn, inctx);`

			`/* fake the request line */`
			`bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);`
			`@@ -1342,7 +1343,7 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f,`
			`* rather than have SSLEngine On configured.`
			`*/`
			`if ((status = ssl_io_filter_handshake(inctx->filter_ctx)) != APR_SUCCESS) {`
			`- return ssl_io_filter_error(f, bb, status);`
			`+ return ssl_io_filter_error(inctx, bb, status);`
			`}`

			`if (is_init) {`
			`@@ -1396,7 +1397,7 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f,`

			`/* Handle custom errors. */`
			`if (status != APR_SUCCESS) {`
			`- return ssl_io_filter_error(f, bb, status);`
			`+ return ssl_io_filter_error(inctx, bb, status);`
			`}`

			`/* Create a transient bucket out of the decrypted data. */`
			`@@ -1613,7 +1614,7 @@ static apr_status_t ssl_io_filter_output(ap_filter_t *f,`
			`inctx->block = APR_BLOCK_READ;`

			`if ((status = ssl_io_filter_handshake(filter_ctx)) != APR_SUCCESS) {`
			`- return ssl_io_filter_error(f, bb, status);`
			`+ return ssl_io_filter_error(inctx, bb, status);`
			`}`

			`while (!APR_BRIGADE_EMPTY(bb)) {`