From: Joe Orton Date: Mon, 12 Jan 2004 14:44:46 +0000 (+0000) Subject: * modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Only call X-Git-Tag: 2.0.49~222 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6b235f88699fc06fe10f89ac910ad952d7ebc72b;p=thirdparty%2Fapache%2Fhttpd.git * modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Only call ssl_var_lookup_ssl for a real SSL connection; fix lookup of "HTTPS" for non-SSL connections. (ssl_var_log_handler_x): Give results for non-SSL connections too; e.g. %{HTTPS}x does the right thing. (ssl_var_log_handler_c): Fix segfault on a non-SSL request. PR: 22741, 20852 Submitted by: Gary E. Miller , Joe Orton Reviewed by: Andr�� Malo, Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@102288 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index ee3999dfad3..1e688b8e34c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,8 @@ Changes with Apache 2.0.49 + *) mod_ssl: Fix segfault on a non-SSL request if the the 'c' log + format code is used. PR 22741. [Gary E. Miller ] + *) Fix build with parallel make. PR 24643. [Joe Orton] *) mod_rewrite: In external rewrite maps lookup keys containing diff --git a/STATUS b/STATUS index 308425722c8..1a33be45081 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2004/01/12 14:37:47 $] +Last modified at [$Date: 2004/01/12 14:44:46 $] Release: @@ -99,13 +99,6 @@ PATCHES TO BACKPORT FROM 2.1 32/64 bit type mismatches in the file size. server/core.c r1.255, r1.256 +1: bnicholes, nd - - * mod_ssl: Fix ssl_var_lookup for non-SSL requests, and logging of SSL - variables from non-SSL connections. - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_vars.c?r1=1.24&r2=1.25 - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_vars.c?r1=1.26&r2=1.28 - PR: 22741, 20852 (<= not 23956 as the commit message says) - +1: jorton, nd, trawick * mod_ssl: Determine library version string at run-time rather than compile-time. http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_vars.c?r1=1.25&r2=1.26 diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index 3e4f8a7e394..a3e243db746 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -87,9 +87,9 @@ void ssl_var_register(void) return; } +/* This function must remain safe to use for a non-SSL connection. */ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var) { - SSLConnRec *sslconn; SSLModConfigRec *mc = myModConfig(s); char *result; BOOL resdup; @@ -169,17 +169,18 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, * Connection stuff */ if (result == NULL && c != NULL) { - sslconn = myConnConfig(c); + SSLConnRec *sslconn = myConnConfig(c); if (strcEQ(var, "REMOTE_ADDR")) result = c->remote_ip; else if (strcEQ(var, "REMOTE_USER")) result = r->user; else if (strcEQ(var, "AUTH_TYPE")) result = r->ap_auth_type; - else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)) + else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4) + && sslconn && sslconn->ssl) result = ssl_var_lookup_ssl(p, c, var+4); else if (strcEQ(var, "HTTPS")) { - if (sslconn->ssl != NULL) + if (sslconn && sslconn->ssl) result = "on"; else result = "off"; @@ -655,7 +656,7 @@ static const char *ssl_var_log_handler_c(request_rec *r, char *a) SSLConnRec *sslconn = myConnConfig(r->connection); char *result; - if (sslconn->ssl == NULL) + if (sslconn == NULL || sslconn->ssl == NULL) return NULL; result = NULL; if (strEQ(a, "version")) @@ -681,12 +682,9 @@ static const char *ssl_var_log_handler_c(request_rec *r, char *a) */ static const char *ssl_var_log_handler_x(request_rec *r, char *a) { - SSLConnRec *sslconn = myConnConfig(r->connection); char *result; - result = NULL; - if (sslconn && sslconn->ssl) - result = ssl_var_lookup(r->pool, r->server, r->connection, r, a); + result = ssl_var_lookup(r->pool, r->server, r->connection, r, a); if (result != NULL && result[0] == NUL) result = NULL; return result;