I think this is the "right thing", but I won't commit it myself without a
couple "+1"s, because I don't trust myself mucking with suexec. Someone
suggested making this conditional on mod_ssl being included in the build,
but I don't see the point. There doesn't seem to be any danger in allowing
SSL_ to pass in all cases.
Index: suexec.c
===================================================================
RCS file: /home/cvs/httpd-2.0/support/suexec.c,v
retrieving revision 1.17
diff -u -d -b -r1.17 suexec.c
--- suexec.c 22 Nov 2001 07:42:13 -0000 1.17
+++ suexec.c 2 Feb 2002 22:40:14 -0000
@@ -227,7 +227,7 @@
cidx++;
for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
- if (!strncmp(*ep, "HTTP_", 5)) {
+ if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "SSL_", 4)) {
cleanenv[cidx] = *ep;
cidx++;
}
