* mod_ssl: Check if we are having an SSL connection before looking up SSL
related variables during expression evaluation to avoid a crash.
If not return NULL as ssl_var_lookup_ssl does by default. PR 57070
Submitted by: rpluem
Reviewed by: jailletc36, ylavic, covener
Backported by: jailletc36
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1650659 13f79535-47bb-0310-9956-
ffa450edef68
request headers earlier. Adds "MergeTrailers" directive to restore
legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
+ *) mod_ssl: Do not crash when looking up SSL related variables during
+ expression evaluation on non SSL connections. PR 57070 [Ruediger Pluem]
+
*) mod_proxy_ajp: Fix handling of the default port (8009) in the
- ProxyPass and <Proxy> configurations. PR 57259. [Yann Ylavic].
+ ProxyPass and <Proxy> configurations. PR 57259. [Yann Ylavic]
*) mpm_event: Avoid a possible use after free when notifying the end of
connection during lingering close. PR 57268. [Eric Covener, Yann Ylavic]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ssl: Check if we are having an SSL connection before looking up SSL
- related variables during expression evaluation to avoid a crash.
- If not return NULL as ssl_var_lookup_ssl does by default. PR 57070
- trunk patch: http://svn.apache.org/r1630947
- http://svn.apache.org/r1645670
- 2.4.x patch: trunk works (modulo CHANGES)
- +1: jailletc36, ylavic, covener
-
* mod_proxy_fcgi: Ignore body data from backend for 304 responses. PR 57198.
trunk patch: http://svn.apache.org/r1640495
http://svn.apache.org/r1644031
static const char *expr_var_fn(ap_expr_eval_ctx_t *ctx, const void *data)
{
char *var = (char *)data;
- return ssl_var_lookup_ssl(ctx->p, ctx->c, ctx->r, var);
+ SSLConnRec *sslconn = myConnConfig(ctx->c);
+
+ return sslconn ? ssl_var_lookup_ssl(ctx->p, ctx->c, ctx->r, var) : NULL;
}
static int ssl_expr_lookup(ap_expr_lookup_parms *parms)
projects / apache / commitdiff