From 0f1b308f1bbd9006a866d2ae40394e740626c06b Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Mon, 1 Nov 2004 22:53:36 +0000 Subject: [PATCH] * modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix possible NULL pointer dereference in some configurations. PR: 31848 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105663 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/ssl_engine_kernel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 6557c1f383..daa47da052 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -874,7 +874,8 @@ int ssl_hook_UserCheck(request_rec *r) * - ssl not enabled * - client did not present a certificate */ - if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL) && sslconn->ssl && sslconn->client_cert) || + if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL) + && sslconn && sslconn->ssl && sslconn->client_cert) || !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user) { return DECLINED; -- 2.40.0