]>
Commit | Line | Data |
---|---|---|
0e467b1f AM |
1 | |
2 | Fixes for SSL variable handling from 2.0.49/HEAD. | |
3 | ||
4 | --- httpd-2.0.48/modules/ssl/ssl_engine_vars.c.sslvars | |
5 | +++ httpd-2.0.48/modules/ssl/ssl_engine_vars.c | |
6 | @@ -87,9 +87,9 @@ | |
7 | return; | |
8 | } | |
9 | ||
10 | +/* This function must remain safe to use for a non-SSL connection. */ | |
11 | char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var) | |
12 | { | |
13 | - SSLConnRec *sslconn; | |
14 | SSLModConfigRec *mc = myModConfig(s); | |
15 | char *result; | |
16 | BOOL resdup; | |
17 | @@ -169,17 +169,18 @@ | |
18 | * Connection stuff | |
19 | */ | |
20 | if (result == NULL && c != NULL) { | |
21 | - sslconn = myConnConfig(c); | |
22 | + SSLConnRec *sslconn = myConnConfig(c); | |
23 | if (strcEQ(var, "REMOTE_ADDR")) | |
24 | result = c->remote_ip; | |
25 | else if (strcEQ(var, "REMOTE_USER")) | |
26 | result = r->user; | |
27 | else if (strcEQ(var, "AUTH_TYPE")) | |
28 | result = r->ap_auth_type; | |
29 | - else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)) | |
30 | + else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4) | |
31 | + && sslconn && sslconn->ssl) | |
32 | result = ssl_var_lookup_ssl(p, c, var+4); | |
33 | else if (strcEQ(var, "HTTPS")) { | |
34 | - if (sslconn->ssl != NULL) | |
35 | + if (sslconn && sslconn->ssl) | |
36 | result = "on"; | |
37 | else | |
38 | result = "off"; | |
39 | @@ -280,10 +281,12 @@ | |
40 | else if (ssl != NULL && strcEQ(var, "SESSION_ID")) { | |
41 | char buf[SSL_SESSION_ID_STRING_LEN]; | |
42 | SSL_SESSION *pSession = SSL_get_session(ssl); | |
43 | - result = apr_pstrdup(p, SSL_SESSION_id2sz( | |
44 | - SSL_SESSION_get_session_id(pSession), | |
45 | - SSL_SESSION_get_session_id_length(pSession), | |
46 | - buf, sizeof(buf))); | |
47 | + if (pSession) { | |
48 | + result = apr_pstrdup(p, SSL_SESSION_id2sz( | |
49 | + SSL_SESSION_get_session_id(pSession), | |
50 | + SSL_SESSION_get_session_id_length(pSession), | |
51 | + buf, sizeof(buf))); | |
52 | + } | |
53 | } | |
54 | else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) { | |
55 | result = ssl_var_lookup_ssl_cipher(p, c, var+6); | |
56 | @@ -608,7 +611,7 @@ | |
57 | result = apr_psprintf(p, "mod_ssl/%s", MOD_SSL_VERSION); | |
58 | } | |
59 | else if (strEQ(var, "LIBRARY")) { | |
60 | - result = apr_pstrdup(p, SSL_LIBRARY_TEXT); | |
61 | + result = apr_pstrdup(p, SSLeay_version(SSLEAY_VERSION)); | |
62 | if ((cp = strchr(result, ' ')) != NULL) { | |
63 | *cp = '/'; | |
64 | if ((cp2 = strchr(cp, ' ')) != NULL) | |
65 | @@ -655,7 +658,7 @@ | |
66 | SSLConnRec *sslconn = myConnConfig(r->connection); | |
67 | char *result; | |
68 | ||
69 | - if (sslconn->ssl == NULL) | |
70 | + if (sslconn == NULL || sslconn->ssl == NULL) | |
71 | return NULL; | |
72 | result = NULL; | |
73 | if (strEQ(a, "version")) | |
74 | @@ -681,12 +684,9 @@ | |
75 | */ | |
76 | static const char *ssl_var_log_handler_x(request_rec *r, char *a) | |
77 | { | |
78 | - SSLConnRec *sslconn = myConnConfig(r->connection); | |
79 | char *result; | |
80 | ||
81 | - result = NULL; | |
82 | - if (sslconn && sslconn->ssl) | |
83 | - result = ssl_var_lookup(r->pool, r->server, r->connection, r, a); | |
84 | + result = ssl_var_lookup(r->pool, r->server, r->connection, r, a); | |
85 | if (result != NULL && result[0] == NUL) | |
86 | result = NULL; | |
87 | return result; |