* modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Only call

author Joe Orton <jorton@apache.org>

Mon, 12 Jan 2004 14:44:46 +0000 (14:44 +0000)

committer Joe Orton <jorton@apache.org>

Mon, 12 Jan 2004 14:44:46 +0000 (14:44 +0000)
author Joe Orton <jorton@apache.org>
Mon, 12 Jan 2004 14:44:46 +0000 (14:44 +0000)
committer Joe Orton <jorton@apache.org>
Mon, 12 Jan 2004 14:44:46 +0000 (14:44 +0000)
diff --git a/CHANGES b/CHANGES

index ee3999dfad31687fd1f5b27fbc28536f68d29071..1e688b8e34cce684173d08bf78506478aa505088 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,8 @@
  Changes with Apache 2.0.49
  
+  *) mod_ssl: Fix segfault on a non-SSL request if the the 'c' log
+     format code is used.  PR 22741.  [Gary E. Miller <gem rellim.com>]
+
    *) Fix build with parallel make.  PR 24643.  [Joe Orton]
  
    *) mod_rewrite: In external rewrite maps lookup keys containing
diff --git a/STATUS b/STATUS

index 308425722c81b3156103a8a8049008682a7be8a3..1a33be4508180093ccc4d41cbedda6a8712d234c 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,5 +1,5 @@
  APACHE 2.0 STATUS:                                              -*-text-*-
-Last modified at [$Date: 2004/01/12 14:37:47 $]
+Last modified at [$Date: 2004/01/12 14:44:46 $]
  
  Release:
  
@@ -99,13 +99,6 @@ PATCHES TO BACKPORT FROM 2.1
        32/64 bit type mismatches in the file size.
        server/core.c r1.255, r1.256
        +1: bnicholes, nd
-      
-    * mod_ssl: Fix ssl_var_lookup for non-SSL requests, and logging of SSL
-      variables from non-SSL connections.
-      http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_vars.c?r1=1.24&r2=1.25
-      http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_vars.c?r1=1.26&r2=1.28
-      PR: 22741, 20852  (<= not 23956 as the commit message says)
-      +1: jorton, nd, trawick
  
      * mod_ssl: Determine library version string at run-time rather than compile-time.
        http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_vars.c?r1=1.25&r2=1.26
diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c

index 3e4f8a7e3948e65f119ea6bea2b9fcbb562b3dc0..a3e243db7465d63863bf6d962e54fed36c23fab7 100644 (file)
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -87,9 +87,9 @@ void ssl_var_register(void)
      return;
  }
  
+/* This function must remain safe to use for a non-SSL connection. */
  char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var)
  {
-    SSLConnRec *sslconn;
      SSLModConfigRec *mc = myModConfig(s);
      char *result;
      BOOL resdup;
@@ -169,17 +169,18 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
       * Connection stuff
       */
      if (result == NULL && c != NULL) {
-        sslconn = myConnConfig(c);
+        SSLConnRec *sslconn = myConnConfig(c);
          if (strcEQ(var, "REMOTE_ADDR"))
              result = c->remote_ip;
          else if (strcEQ(var, "REMOTE_USER"))
              result = r->user;
          else if (strcEQ(var, "AUTH_TYPE"))
              result = r->ap_auth_type;
-        else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4))
+        else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4) 
+                 && sslconn && sslconn->ssl)
              result = ssl_var_lookup_ssl(p, c, var+4);
          else if (strcEQ(var, "HTTPS")) {
-            if (sslconn->ssl != NULL)
+            if (sslconn && sslconn->ssl)
                  result = "on";
              else
                  result = "off";
@@ -655,7 +656,7 @@ static const char *ssl_var_log_handler_c(request_rec *r, char *a)
      SSLConnRec *sslconn = myConnConfig(r->connection);
      char *result;
  
-    if (sslconn->ssl == NULL)
+    if (sslconn == NULL || sslconn->ssl == NULL)
          return NULL;
      result = NULL;
      if (strEQ(a, "version"))
@@ -681,12 +682,9 @@ static const char *ssl_var_log_handler_c(request_rec *r, char *a)
   */
  static const char *ssl_var_log_handler_x(request_rec *r, char *a)
  {
-    SSLConnRec *sslconn = myConnConfig(r->connection);
      char *result;
  
-    result = NULL;
-    if (sslconn && sslconn->ssl)
-        result = ssl_var_lookup(r->pool, r->server, r->connection, r, a);
+    result = ssl_var_lookup(r->pool, r->server, r->connection, r, a);
      if (result != NULL && result[0] == NUL)
          result = NULL;
      return result;
author	Joe Orton <jorton@apache.org>
	Mon, 12 Jan 2004 14:44:46 +0000 (14:44 +0000)
committer	Joe Orton <jorton@apache.org>
	Mon, 12 Jan 2004 14:44:46 +0000 (14:44 +0000)
CHANGES		patch \| blob \| blame \| history
STATUS		patch \| blob \| blame \| history
modules/ssl/ssl_engine_vars.c		patch \| blob \| blame \| history