Merge r105663 from trunk:

* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix possible
NULL pointer dereference in some configurations.

PR: 31848
Reviewed by: jorton, wrowe, jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@125749 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/STATUS b/STATUS
index 0f64bbca0f290dcfb3363701a4fea38fe4468dbf..c545957e287bd94bf80c198f1663d6a40cbdb5f5 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -148,11 +148,6 @@ PATCHES TO BACKPORT FROM 2.1
        svn rev 106653
        +1: wrowe, nd, trawick
 
-    *) mod_ssl: Fix an possible NULL pointer dereference in some configs.
-       http://nagoya.apache.org/bugzilla/showattachment.cgi?attach_id=13182
-       PR: 31848
-       +1: jorton, wrowe, jim
-
     *) several changes to improve logging of connection-oriented errors, including
        ap_log_cerror() API (needs minor bump in addition to changes below)
          http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/core.c?r1=1.289&r2=1.291

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index f7872adfa485c60d282f46d3ad777f2e4cb10d31..2647665d8a7a93069e2236abe12b2be659bda884 100644 (file)
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -860,7 +860,7 @@ int ssl_hook_UserCheck(request_rec *r)
      * - ssl not enabled
      * - client did not present a certificate
      */
-    if (!(sc->enabled && sslconn->ssl && sslconn->client_cert) ||
+    if (!(sc->enabled && sslconn && sslconn->ssl && sslconn->client_cert) ||
         !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user)
     {
         return DECLINED;