From 5f33a419b474581b3c4f398d113fbb3178663af4 Mon Sep 17 00:00:00 2001
From: Doug MacEachern <dougm@apache.org>
Date: Sun, 10 Mar 2002 00:22:07 +0000
Subject: [PATCH] don't allocate SSLConnRec unless ssl is enabled on this
 vhost. also provides a shorter shortcut for mod_ssl hooks to decline if ssl
 is not enabled.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93823 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/ssl/mod_ssl.c           | 15 ++++++++-------
 modules/ssl/ssl_engine_kernel.c |  8 ++++++--
 modules/ssl/ssl_engine_vars.c   |  2 +-
 3 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
index 41da040989..13209b30f3 100644
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -224,13 +224,7 @@ static int ssl_hook_pre_connection(conn_rec *c, void *csd)
     SSLSrvConfigRec *sc = mySrvConfig(c->base_server);
     SSL *ssl;
     char *cpVHostMD5;
-    SSLConnRec *sslconn = apr_pcalloc(c->pool, sizeof(*sslconn));
-
-    /*
-     * Create SSL context
-     */
-    myConnConfigSet(c, sslconn);
-    sslconn->log_level = sc->nLogLevel;
+    SSLConnRec *sslconn;
 
     /*
      * Immediately stop processing if SSL is disabled for this connection
@@ -238,6 +232,13 @@ static int ssl_hook_pre_connection(conn_rec *c, void *csd)
     if (sc == NULL || !sc->bEnabled)
         return DECLINED;
 
+    /*
+     * Create SSL context
+     */
+    sslconn = apr_pcalloc(c->pool, sizeof(*sslconn));
+    myConnConfigSet(c, sslconn);
+    sslconn->log_level = sc->nLogLevel;
+
     /*
      * Remember the connection information for
      * later access inside callback functions
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 6bee5eaab7..f7cd981b2d 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -171,6 +171,10 @@ int ssl_hook_ReadReq(request_rec *r)
     SSLConnRec *sslconn = myConnConfig(r->connection);
     SSL *ssl;
 
+    if (!sslconn) {
+        return DECLINED;
+    }
+
     /*
      * Get the SSL connection structure and perform the
      * delayed interlinking from SSL back to request_rec
@@ -233,7 +237,7 @@ int ssl_hook_Translate(request_rec *r)
 {
     SSLConnRec *sslconn = myConnConfig(r->connection);
 
-    if (sslconn->ssl == NULL)
+    if (!sslconn || !sslconn->ssl)
         return DECLINED;
 
     /*
@@ -332,7 +336,7 @@ int ssl_hook_Access(request_rec *r)
     dc  = myDirConfig(r);
     sc  = mySrvConfig(r->server);
     sslconn = myConnConfig(r->connection);
-    ssl = sslconn->ssl;
+    ssl = sslconn ? sslconn->ssl : NULL;
     if (ssl != NULL)
         ctx = SSL_get_SSL_CTX(ssl);
 
diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index 17b5e82653..1957f7061a 100644
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -679,7 +679,7 @@ static const char *ssl_var_log_handler_x(request_rec *r, char *a)
     char *result;
 
     result = NULL;
-    if (sslconn->ssl != NULL)
+    if (sslconn && sslconn->ssl)
         result = ssl_var_lookup(r->pool, r->server, r->connection, r, a);
     if (result != NULL && result[0] == NUL)
         result = NULL;
-- 
2.40.0