[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-directory-commits
Subject:    [Fedora-directory-commits] mod_nss nss_engine_kernel.c,1.8,1.9
From:       "Robert Crittenden" (rcritten) <fedora-directory-commits () redhat ! com>
Date:       2006-08-09 20:32:50
Message-ID: 200608092032.k79KWokK002006 () cvs-int ! fedora ! redhat ! com
[Download RAW message or body]

Author: rcritten

Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1959

Modified Files:
	nss_engine_kernel.c 
Log Message:
Merge in http://svn.apache.org/viewvc?view=rev&revision=354394

* nss_engine_kernel.c (nss_hook_Access): Omit further access control
  checks if SSL is not in use regardless of vhost settings.



Index: nss_engine_kernel.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_kernel.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- nss_engine_kernel.c	9 Aug 2006 20:11:45 -0000	1.8
+++ nss_engine_kernel.c	9 Aug 2006 20:32:47 -0000	1.9
@@ -126,11 +126,14 @@
     }
 
     /*
-     * Check to see if SSL protocol is on
+     * Check to see if SSL protocol is enabled. If it's not then
+     * no further access control checks are relevant. The test for
+     * sc->enabled is probably strictly unnecessary
      */
-    if (!(sc->enabled || ssl)) {
+    if (!(sc->enabled || !ssl)) {
         return DECLINED;
     }
+
     /*
      * Support for per-directory reconfigured SSL connection parameters.
      * 

[prev in list] [next in list] [prev in thread] [next in thread]