httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Kraemer <Martin.Krae...@Fujitsu-Siemens.com>
Subject Re: [PATCH] SSL_* in suexec safe env list
Date Mon, 04 Feb 2002 13:08:54 GMT
On Sun, Feb 03, 2002 at 12:37:58PM -0500, Joshua Slive wrote:
> 
> > From: Zvi Har'El [mailto:rl@math.technion.ac.il]
> 
> > triple rather then
> > double strncmp:
> >
> > -        if (!strncmp(*ep, "HTTP_", 5)) {
> > +        if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "HTTPS", 5) ||
(no, not like that. not strncmp, but strcmp(*ep, "HTTPS")
> > +			!strncmp(*ep, "SSL_", 4)) {
> 
> As I said, I'm not going to commit without two "+1"s.
> 
> 
> Index: suexec.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/support/suexec.c,v
> retrieving revision 1.17
> diff -u -d -b -r1.17 suexec.c
> --- suexec.c    22 Nov 2001 07:42:13 -0000      1.17
> +++ suexec.c    3 Feb 2002 17:30:13 -0000
> @@ -136,6 +136,7 @@
>      "DOCUMENT_URI",
>      "FILEPATH_INFO",
>      "GATEWAY_INTERFACE",
> +    "HTTPS",
>      "LAST_MODIFIED",
>      "PATH_INFO",
>      "PATH_TRANSLATED",

Yep, that's cleaner. +1.

  Martin
-- 
<Martin.Kraemer@Fujitsu-Siemens.com>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany

Mime
View raw message