From dcdf68cf55376d8c80ef3e156b8c463692927a3a Mon Sep 17 00:00:00 2001
From: Joshua Slive <slive@apache.org>
Date: Mon, 4 Feb 2002 15:18:45 +0000
Subject: [PATCH] suexec: Allow HTTPS and SSL_* environment variables to be
 passed through to CGI scripts.

PR: 9163
Submitted by:	Brian Reid <breid@customlogic.com>, Zvi Har'El <rl@math.technion.ac.il>
Reviewed by:	Joshua Slive, Lars Eilebrecht, Martin Kraemer


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93223 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES          | 5 +++++
 support/suexec.c | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 90193ee47d..77fee86a1f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
 Changes with Apache 2.0.32-dev
 
+  *) suexec: Allow HTTPS and SSL_* environment variables to be passed
+     through to CGI scripts. PR 9163
+     [Brian Reid <breid@customlogic.com>, 
+      Zvi Har'El <rl@math.technion.ac.il>]
+
   *) binbuild.sh: Make sure that we use the expat from our source
      tree so that there aren't any surprises on the target machine.
      [Jeff Trawick]
diff --git a/support/suexec.c b/support/suexec.c
index 7c0343d44e..eb931097c3 100644
--- a/support/suexec.c
+++ b/support/suexec.c
@@ -136,6 +136,7 @@ char *safe_env_lst[] =
     "DOCUMENT_URI",
     "FILEPATH_INFO",
     "GATEWAY_INTERFACE",
+    "HTTPS",
     "LAST_MODIFIED",
     "PATH_INFO",
     "PATH_TRANSLATED",
@@ -227,7 +228,7 @@ static void clean_env(void)
     cidx++;
 
     for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
-        if (!strncmp(*ep, "HTTP_", 5)) {
+        if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "SSL_", 4)) {
             cleanenv[cidx] = *ep;
             cidx++;
         }
-- 
2.50.1