Mailing-List: contact apache-bugdb-help@apache.org; run by ezmlm
Precedence: bulk
Reply-To: apache-bugdb@apache.org
From: "Brian G. Reid" <breid@customlogic.com>
Message-Id: <200112171819.fBHIJhn20296@pike.customlogic.com>
Subject: suExec patch for mod_ssl environment variables
To: apache-bugdb@apache.org
Date: Mon, 17 Dec 2001 10:19:43 -0800 (PST)
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII

Hello,

I am trying to use suExec for running CGI programs on a server that
is secured using mod_ssl.  The problem that I am running into is that
suExec strips out all of the SSL related environment variables when it
cleans the environment space of the child process.  Since it strips out
the variables, I lose the ability to detect whether my CGI programs are
running through SSL.

I have attached a patch to suexec.c that adds the HTTPS variable to the 
"safe_env_lst" variable and adds a check in clean_env() to look for and 
retain all the variables that start with "SSL_".

Thanks,
Brian Reid
breid@customlogic.com

PATCH FOLLOWS:

diff -urN oldhttpd/support/suexec.c httpd-2_0_28/support/suexec.c
--- oldhttpd/support/suexec.c	Tue Oct 30 09:38:03 2001
+++ httpd-2_0_28/support/suexec.c	Mon Dec 17 10:08:51 2001
@@ -136,6 +136,7 @@
     "DOCUMENT_URI",
     "FILEPATH_INFO",
     "GATEWAY_INTERFACE",
+    "HTTPS",
     "LAST_MODIFIED",
     "PATH_INFO",
     "PATH_TRANSLATED",
@@ -227,7 +228,7 @@
     cidx++;
 
     for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
-	if (!strncmp(*ep, "HTTP_", 5)) {
+	if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "SSL_",4)) {
 	    cleanenv[cidx] = *ep;
 	    cidx++;
 	}