httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ic...@apache.org
Subject svn commit: r1846111 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_kernel.c
Date Thu, 08 Nov 2018 10:09:21 GMT
Author: icing
Date: Thu Nov  8 10:09:21 2018
New Revision: 1846111

URL: http://svn.apache.org/viewvc?rev=1846111&view=rev
Log:
  *) mod_ssl: Fix mod_authz provider for "require ssl" directive to check correctly
     on HTTP/2 connections. Fixes PR 62654. [Stefan Eissing]


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1846111&r1=1846110&r2=1846111&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Thu Nov  8 10:09:21 2018
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.1
 
+  *) mod_ssl: Fix mod_authz provider for "require ssl" directive to check correctly
+     on HTTP/2 connections. Fixes PR 62654. [Stefan Eissing]
+
   *) mod_ssl: clear *SSL errors before loading certificates and checking
      afterwards. Otherwise errors are reported when other SSL using modules
      are in play. Fixes PR 62880. [Michael Kaufmann]

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1846111&r1=1846110&r2=1846111&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Thu Nov  8 10:09:21 2018
@@ -1605,10 +1605,7 @@ static authz_status ssl_authz_require_ss
                                                 const char *require_line,
                                                 const void *parsed)
 {
-    SSLConnRec *sslconn = myConnConfig(r->connection);
-    SSL *ssl = sslconn ? sslconn->ssl : NULL;
-
-    if (ssl)
+    if (modssl_request_is_tls(r, NULL))
         return AUTHZ_GRANTED;
     else
         return AUTHZ_DENIED;



Mime
View raw message