Request body: block write events while reading body.

If write events are not blocked, an extra write event might happen for
various reasons (e.g. as a result of a http pipelining), resulting in
incorrect body being passed to a post handler.

The problem manifested itself with the dav module only, as this is
the only module which reads the body from a content phase handler (in
contrast to exclusive content handlers like proxy).  Additionally, dav
module used to dump core in such situations due to ticket #238.

See reports here:

http://mailman.nginx.org/pipermail/nginx-devel/2012-November/002981.html
http://serverfault.com/questions/449195/nginx-webdav-server-with-auth-request

diff --git a/src/http/ngx_http_request_body.c b/src/http/ngx_http_request_body.c
index 2735034a18dc107b19435df2115e527ca4b1e36d..749e4aedb13555c322af9d9eabf7171a9adadf82 100644 (file)
--- a/src/http/ngx_http_request_body.c
+++ b/src/http/ngx_http_request_body.c
@@ -105,6 +105,7 @@ ngx_http_read_client_request_body(ngx_http_request_t *r,
 
             rb->buf = r->header_in;
             r->read_event_handler = ngx_http_read_client_request_body_handler;
+            r->write_event_handler = ngx_http_request_empty_handler;
 
             rc = ngx_http_do_read_client_request_body(r);
             goto done;
@@ -166,6 +167,7 @@ ngx_http_read_client_request_body(ngx_http_request_t *r,
     }
 
     r->read_event_handler = ngx_http_read_client_request_body_handler;
+    r->write_event_handler = ngx_http_request_empty_handler;
 
     rc = ngx_http_do_read_client_request_body(r);