diff --git a/CHANGES b/CHANGES
index fccf7392..8d348b46 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
-03 Sep 2008 - trunk
+15 Sep 2008 - trunk
 -------------------
+ * Worked around mod_jk issue where a 401 response was not including the
+ WWW-Authentication header.
+
 * Fixed XML DTD/Schema validation which will now fail after request body processing errors, even if the XML parser returns a document tree.
diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c
index 457ee6cc..3e030e63 100644
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -378,6 +378,8 @@ static apr_status_t output_filter_init(modsec_rec *msr, ap_filter_t *f,
 return -1; /* Invalid. */
 }
+ msr->response_content_length = len;
+
 if (len == 0) {
 if (msr->txcfg->debuglog_level >= 4) {
 msr_log(msr, 4, "Output filter: Skipping response since Content-Length is zero.");
@@ -676,6 +678,22 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
 }
 }
+ msr->of_done_reading = 1;
+ }
+ /* ENH: Probably need to make the handlers for this workaround
+ * configurable. */
+ else if ( (strcmp("jakarta-servlet", msr->r->handler) == 0)
+ && APR_BUCKET_IS_FLUSH(bucket)
+ && (APR_BUCKET_NEXT(bucket) == APR_BRIGADE_SENTINEL(bb_in))
+ && (msr->resbody_length == msr->response_content_length))
+ {
+ /* A FLUSH sent as the last bucket in the bridade may indicate
+ * the end of the response for certain modules if the bytes
+ * received match the response C-L header. In this case, the
+ * FLUSH bucket is interpreted as an EOS.
+ */
+ msr_log(msr, 4, "Output filter: Interpreted FLUSH as EOS for handler \"%s\".", msr->r->handler);
+ msr->of_done_reading = 1;
 }
 }
diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h
index 7cfdd5ea..fbf28fdc 100644
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
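Review bot: `msr->response_content_length` is assigned only at this point in output_filter_init, which (judging by the `return -1; /* Invalid. */` just above) appears to be reached only when a Content-Length header was present and parsed; nothing in this diff gives the field a value when the header is absent. The new FLUSH-as-EOS branch in output_filter compares it with `msr->resbody_length`, so if the field defaults to 0 (the initialisation of modsec_rec is not visible here) a jakarta-servlet response without a Content-Length that flushes before any body bytes arrive would match 0 == 0 and response-body inspection would stop early. Initialise the field to a sentinel where msr is created, e.g. `msr->response_content_length = -1;`, so a response without a Content-Length can never satisfy the comparison. The enclosing function starts and ends outside the hunk.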
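Review bot: `strcmp("jakarta-servlet", msr->r->handler)` in the new `else if` of output_filter passes `r->handler` to strcmp without a NULL check, and because it is the first operand it is evaluated for every bucket that does not take the preceding branch. The `handler` field of request_rec can be NULL when no handler has been assigned to the request (worth confirming for error responses produced before the handler phase), and in that case the worker process serving the response would crash inside the filter. Test the pointer first: `else if ( (msr->r->handler != NULL) && (strcmp("jakarta-servlet", msr->r->handler) == 0)`. The `if` that this `else` belongs to starts outside the hunk.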
@@ -268,6 +268,7 @@ struct modsec_rec {
 const char *response_protocol;
 apr_table_t *response_headers;
 unsigned int response_headers_sent;
+ apr_off_t response_content_length;
 apr_off_t bytes_sent;
 /* modsecurity request body processing stuff */