Merge in http://svn.apache.org/viewvc?view=rev&revision=354394

* nss_engine_kernel.c (nss_hook_Access): Omit further access control checks if SSL is not in use regardless of vhost settings.
author: rcritten <> 2006-08-09 20:32:47 +0000
committer: rcritten <> 2006-08-09 20:32:47 +0000
commit: f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1 (patch)
tree: a6e72a789f58056ba404670fb35eb6398125b569
parent: a2c56687f17bdefe258c63b17264d80be2cbd44c (diff)
download: mod_nss-f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1.tar.gz
mod_nss-f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1.tar.xz
mod_nss-f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/nss_engine_kernel.c b/nss_engine_kernel.c
index 6a73007..0e5b8ad 100644
--- a/nss_engine_kernel.c
+++ b/nss_engine_kernel.c
@@ -126,11 +126,14 @@ int nss_hook_Access(request_rec *r)
     }
 
     /*
-     * Check to see if SSL protocol is on
+     * Check to see if SSL protocol is enabled. If it's not then
+     * no further access control checks are relevant. The test for
+     * sc->enabled is probably strictly unnecessary
      */
-    if (!(sc->enabled || ssl)) {
+    if (!(sc->enabled || !ssl)) {
         return DECLINED;
     }
+
     /*
      * Support for per-directory reconfigured SSL connection parameters.
      *
author	rcritten <>	2006-08-09 20:32:47 +0000
committer	rcritten <>	2006-08-09 20:32:47 +0000
commit	f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1 (patch)
tree	a6e72a789f58056ba404670fb35eb6398125b569
parent	a2c56687f17bdefe258c63b17264d80be2cbd44c (diff)
download	mod_nss-f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1.tar.gz mod_nss-f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1.tar.xz mod_nss-f85e30e8fb8feeb0d25f9d095dd6bbed62fe31a1.zip