'cvs commit: httpd-2.0/modules/ssl ssl_engine_vars.c'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-cvs
Subject:    cvs commit: httpd-2.0/modules/ssl ssl_engine_vars.c
From:       jorton () apache ! org
Date:       2004-01-30 13:03:23
Message-ID: 20040130130323.62534.qmail () minotaur ! apache ! org
[Download RAW message or body]

jorton      2004/01/30 05:03:23

  Modified:    .        Tag: APACHE_2_0_BRANCH CHANGES
               modules/ssl Tag: APACHE_2_0_BRANCH ssl_engine_vars.c
  Log:
  * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Fix segfault if
  SSL_get_session() returns NULL.
  
  PR: 15057
  Submitted by: Otmar Lendl <lendl@nic.at>
  Reviewed by: Joe Orton, Jeff Trawick, André Malo
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.988.2.226 +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.988.2.225
  retrieving revision 1.988.2.226
  diff -b -d -u -r1.988.2.225 -r1.988.2.226
  --- CHANGES	30 Jan 2004 12:58:08 -0000	1.988.2.225
  +++ CHANGES	30 Jan 2004 13:03:22 -0000	1.988.2.226
  @@ -1,5 +1,8 @@
   Changes with Apache 2.0.49
   
  +  *) mod_ssl: Fix potential segfault on lookup of SSL_SESSION_ID.
  +     PR 15057.  [Otmar Lendl <lendl nic.at>]
  +
     *) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
        [Joe Orton]
   
  
  
  
  No                   revision
  No                   revision
  1.22.2.6  +6 -4      httpd-2.0/modules/ssl/ssl_engine_vars.c
  
  Index: ssl_engine_vars.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_vars.c,v
  retrieving revision 1.22.2.5
  retrieving revision 1.22.2.6
  diff -b -d -u -r1.22.2.5 -r1.22.2.6
  --- ssl_engine_vars.c	12 Jan 2004 14:59:17 -0000	1.22.2.5
  +++ ssl_engine_vars.c	30 Jan 2004 13:03:23 -0000	1.22.2.6
  @@ -281,10 +281,12 @@
       else if (ssl != NULL && strcEQ(var, "SESSION_ID")) {
           char buf[SSL_SESSION_ID_STRING_LEN];
           SSL_SESSION *pSession = SSL_get_session(ssl);
  +        if (pSession) {
           result = apr_pstrdup(p, SSL_SESSION_id2sz(
                                   SSL_SESSION_get_session_id(pSession),
                                   SSL_SESSION_get_session_id_length(pSession),
                                   buf, sizeof(buf)));
  +        }
       }
       else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) {
           result = ssl_var_lookup_ssl_cipher(p, c, var+6);
  
  
  
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic