[packages/apache.git] / apache-CVE-2005-3357.patch

http://bugs.gentoo.org/show_bug.cgi?id=115324

--- modules/ssl/ssl_engine_kernel.c	(Revision 368148)
+++ modules/ssl/ssl_engine_kernel.c	(Arbeitskopie)
@@ -202,11 +202,14 @@
     }
 
     /*
-     * Check to see if SSL protocol is on
+     * Check to see whether SSL is in use; if it's not, then no
+     * further access control checks are relevant.  (the test for
+     * sc->enabled is probably strictly unnecessary)
      */
-    if (!(sc->enabled || ssl)) {
+    if (!sc->enabled || !ssl) {
         return DECLINED;
     }
+
     /*
      * Support for per-directory reconfigured SSL connection parameters.
      *
Commit	Line	Data
846a341e ER	1	http://bugs.gentoo.org/show_bug.cgi?id=115324
	2
	3	--- modules/ssl/ssl_engine_kernel.c (Revision 368148)
	4	+++ modules/ssl/ssl_engine_kernel.c (Arbeitskopie)
	5	@@ -202,11 +202,14 @@
	6	}
	7
	8	/*
	9	- * Check to see if SSL protocol is on
	10	+ * Check to see whether SSL is in use; if it's not, then no
	11	+ * further access control checks are relevant. (the test for
	12	+ * sc->enabled is probably strictly unnecessary)
	13	*/
	14	- if (!(sc->enabled \|\| ssl)) {
	15	+ if (!sc->enabled \|\| !ssl) {
	16	return DECLINED;
	17	}
	18	+
	19	/*
	20	* Support for per-directory reconfigured SSL connection parameters.
	21	*