You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by jo...@apache.org on 2004/11/01 23:53:36 UTC

cvs commit: httpd-2.0/modules/ssl ssl_engine_kernel.c

jorton      2004/11/01 14:53:36

  Modified:    modules/ssl ssl_engine_kernel.c
  Log:
  * modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix possible
  NULL pointer dereference in some configurations.
  
  PR: 31848
  
  Revision  Changes    Path
  1.112     +2 -1      httpd-2.0/modules/ssl/ssl_engine_kernel.c
  
  Index: ssl_engine_kernel.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_kernel.c,v
  retrieving revision 1.111
  retrieving revision 1.112
  diff -d -w -u -r1.111 -r1.112
  --- ssl_engine_kernel.c	8 Oct 2004 11:59:33 -0000	1.111
  +++ ssl_engine_kernel.c	1 Nov 2004 22:53:36 -0000	1.112
  @@ -874,7 +874,8 @@
        * - ssl not enabled
        * - client did not present a certificate
        */
  -    if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL) && sslconn->ssl && sslconn->client_cert) ||
  +    if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL) 
  +          && sslconn && sslconn->ssl && sslconn->client_cert) ||
           !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user)
       {
           return DECLINED;