You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by "Brian G. Reid" <br...@customlogic.com> on 2001/12/17 19:19:43 UTC

suExec patch for mod_ssl environment variables

Hello,

I am trying to use suExec for running CGI programs on a server that
is secured using mod_ssl.  The problem that I am running into is that
suExec strips out all of the SSL related environment variables when it
cleans the environment space of the child process.  Since it strips out
the variables, I lose the ability to detect whether my CGI programs are
running through SSL.

I have attached a patch to suexec.c that adds the HTTPS variable to the 
"safe_env_lst" variable and adds a check in clean_env() to look for and 
retain all the variables that start with "SSL_".

Thanks,
Brian Reid
breid@customlogic.com

PATCH FOLLOWS:

diff -urN oldhttpd/support/suexec.c httpd-2_0_28/support/suexec.c
--- oldhttpd/support/suexec.c	Tue Oct 30 09:38:03 2001
+++ httpd-2_0_28/support/suexec.c	Mon Dec 17 10:08:51 2001
@@ -136,6 +136,7 @@
     "DOCUMENT_URI",
     "FILEPATH_INFO",
     "GATEWAY_INTERFACE",
+    "HTTPS",
     "LAST_MODIFIED",
     "PATH_INFO",
     "PATH_TRANSLATED",
@@ -227,7 +228,7 @@
     cidx++;
 
     for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
-	if (!strncmp(*ep, "HTTP_", 5)) {
+	if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "SSL_",4)) {
 	    cleanenv[cidx] = *ep;
 	    cidx++;
 	}