Hi,
I agree with Joshua completely that the conditioning on mod_ssl is not
necessary. However, comparing with the apache 1.3 version of suexec.c, and the
fact that in 2.0 ssl_engine_kernel.c (line 1035) still sets the SSI/CGI
environment variable HTTPS=on , I would recommand to have a triple rather then
double strncmp:
- if (!strncmp(*ep, "HTTP_", 5)) {
+ if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "HTTPS", 5) ||
+ !strncmp(*ep, "SSL_", 4)) {
On Sat, 2 Feb 2002, Joshua Slive wrote:
> I think this is the "right thing", but I won't commit it myself without a
> couple "+1"s, because I don't trust myself mucking with suexec. Someone
> suggested making this conditional on mod_ssl being included in the build,
> but I don't see the point. There doesn't seem to be any danger in allowing
> SSL_ to pass in all cases.
>
> Index: suexec.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/support/suexec.c,v
> retrieving revision 1.17
> diff -u -d -b -r1.17 suexec.c
> --- suexec.c 22 Nov 2001 07:42:13 -0000 1.17
> +++ suexec.c 2 Feb 2002 22:40:14 -0000
> @@ -227,7 +227,7 @@
> cidx++;
>
> for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
> - if (!strncmp(*ep, "HTTP_", 5)) {
> + if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "SSL_", 4)) {
> cleanenv[cidx] = *ep;
> cidx++;
> }
>
--
Dr. Zvi Har'El mailto:[EMAIL PROTECTED] Department of Mathematics
tel:+972-54-227607 Technion - Israel Institute of Technology
fax:+972-4-8324654 http://www.math.technion.ac.il/~rl/ Haifa 32000, ISRAEL
"If you can't say somethin' nice, don't say nothin' at all." -- Thumper (1942)
Sunday, 22 Shevat 5762, 3 February 2002, 7:13PM
