From: Joe Orton Date: Thu, 20 Jan 2005 09:50:59 +0000 (+0000) Subject: Merge r105663 from trunk: X-Git-Tag: 2.0.53~69 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0dc4f800577c6cec0fbced304cae740c4a04f52e;p=thirdparty%2Fapache%2Fhttpd.git Merge r105663 from trunk: * modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix possible NULL pointer dereference in some configurations. PR: 31848 Reviewed by: jorton, wrowe, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@125749 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 0f64bbca0f2..c545957e287 100644 --- a/STATUS +++ b/STATUS @@ -148,11 +148,6 @@ PATCHES TO BACKPORT FROM 2.1 svn rev 106653 +1: wrowe, nd, trawick - *) mod_ssl: Fix an possible NULL pointer dereference in some configs. - http://nagoya.apache.org/bugzilla/showattachment.cgi?attach_id=13182 - PR: 31848 - +1: jorton, wrowe, jim - *) several changes to improve logging of connection-oriented errors, including ap_log_cerror() API (needs minor bump in addition to changes below) http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/core.c?r1=1.289&r2=1.291 diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index f7872adfa48..2647665d8a7 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -860,7 +860,7 @@ int ssl_hook_UserCheck(request_rec *r) * - ssl not enabled * - client did not present a certificate */ - if (!(sc->enabled && sslconn->ssl && sslconn->client_cert) || + if (!(sc->enabled && sslconn && sslconn->ssl && sslconn->client_cert) || !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user) { return DECLINED;