freebsd-ports/www/apache22/files/patch-secfix-CAN-2005-3357
Clement Laforet d782b5c3b7 - SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
   non-SSL request is processed for an SSL vhost (such as the
   "HTTP request received on SSL port" error message when a 400
   ErrorDocument is configured, or if using "SSLEngine optional").
   [1]
- reintroduce support of multiple instances of apache in startup
  script [2]
- Add configtest command to apache22.sh [2]
- rewrite detection of accf_http filter to make it work on all
  supported branches.
- fix rcorder [3]
- fix startup at boot time when profiles are used [4]

Spotted by:     simon [1], flz [3]
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au> [2],
                Joe Horn <joehorn@mi.chu.edu.tw> [4]
PR:             ports/91154 [2], ports/90708 [4]
2006-01-14 16:03:43 +00:00

--- modules/ssl/ssl_engine_kernel.c 2005/11/10 15:20:05 332309
+++ modules/ssl/ssl_engine_kernel.c 2006/01/13 14:21:42 368730
@@ -202,11 +202,14 @@
}
/*
- * Check to see if SSL protocol is on
+ * Check to see whether SSL is in use; if it's not, then no
+ * further access control checks are relevant. (the test for
+ * sc->enabled is probably strictly unnecessary)
*/
- if (!((sc->enabled == SSL_ENABLED_TRUE) || (sc->enabled == SSL_ENABLED_OPTIONAL) || ssl)) {
+ if (sc->enabled == SSL_ENABLED_FALSE || !ssl) {
return DECLINED;
}
+
/*
* Support for per-directory reconfigured SSL connection parameters.
*
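
Review bot: The new comment above the `sc->enabled == SSL_ENABLED_FALSE || !ssl` test calls the `sc->enabled` half "probably strictly unnecessary", which leaves the next reader unsure whether it can be removed; either drop that half and rely on `!ssl` alone, or say why it is kept (for example as a defensive check). The behavioural change is that `!ssl` now returns DECLINED by itself, whereas the old condition let a request with no SSL connection continue whenever the vhost was SSL_ENABLED_TRUE or SSL_ENABLED_OPTIONAL; the comment should name that as the case being fixed, and it is worth confirming that nothing below this point is expected to run for a plain-HTTP request on an SSL vhost. The blank line added after the closing brace is a whitespace-only change unrelated to the fix.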