mod_ssl: follow up to r1734561.

author Yann Ylavic <ylavic@apache.org>

Tue, 14 Jun 2016 09:35:13 +0000 (09:35 +0000)

committer Yann Ylavic <ylavic@apache.org>

Tue, 14 Jun 2016 09:35:13 +0000 (09:35 +0000)
author Yann Ylavic <ylavic@apache.org>
Tue, 14 Jun 2016 09:35:13 +0000 (09:35 +0000)
committer Yann Ylavic <ylavic@apache.org>
Tue, 14 Jun 2016 09:35:13 +0000 (09:35 +0000)
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c

index 53d12168dc517a24acbc6228fce35c2858a391af..bd7d4beb6c1c13b9745964434c203f7205f5740e 100644 (file)
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -891,7 +891,12 @@ static apr_status_t ssl_init_ctx_crl(server_rec *s,
      X509_STORE *store = SSL_CTX_get_cert_store(mctx->ssl_ctx);
      unsigned long crlflags = 0;
      char *cfgp = mctx->pkp ? "SSLProxy" : "SSL";
-    int crl_check_mode = mctx->crl_check_mask & ~SSL_CRLCHECK_FLAGS;
+    int crl_check_mode;
+
+    if (mctx->crl_check_mask == UNSET) {
+        mctx->crl_check_mask = SSL_CRLCHECK_NONE;
+    }
+    crl_check_mode = mctx->crl_check_mask & ~SSL_CRLCHECK_FLAGS;
  
      /*
       * Configure Certificate Revocation List (CRL) Details
author	Yann Ylavic <ylavic@apache.org>
	Tue, 14 Jun 2016 09:35:13 +0000 (09:35 +0000)
committer	Yann Ylavic <ylavic@apache.org>
	Tue, 14 Jun 2016 09:35:13 +0000 (09:35 +0000)