summaryrefslogtreecommitdiffstats
path: root/nss_engine_vars.c
diff options
context:
space:
mode:
Diffstat (limited to 'nss_engine_vars.c')
-rw-r--r--nss_engine_vars.c32
1 files changed, 25 insertions, 7 deletions
diff --git a/nss_engine_vars.c b/nss_engine_vars.c
index 8f0379a..8eba2df 100644
--- a/nss_engine_vars.c
+++ b/nss_engine_vars.c
@@ -39,11 +39,17 @@ static char *nss_var_lookup_nss_cert_verify(apr_pool_t *p, conn_rec *c);
static char *nss_var_lookup_nss_cipher(apr_pool_t *p, conn_rec *c, char *var);
static char *nss_var_lookup_nss_version(apr_pool_t *p, char *var);
static char *nss_var_lookup_protocol_version(apr_pool_t *p, conn_rec *c);
+static char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var);
+
+static APR_OPTIONAL_FN_TYPE(ssl_is_https) *othermod_is_https;
+static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *othermod_var_lookup;
static int nss_is_https(conn_rec *c)
{
SSLConnRec *sslconn = myConnConfig(c);
- return sslconn && sslconn->ssl;
+
+ return (sslconn && sslconn->ssl)
+ || (othermod_is_https && othermod_is_https(c));
}
static int ssl_is_https(conn_rec *c) {
@@ -52,14 +58,17 @@ static int ssl_is_https(conn_rec *c) {
void nss_var_register(void)
{
+ /* Always register these mod_nss optional functions */
APR_REGISTER_OPTIONAL_FN(nss_is_https);
APR_REGISTER_OPTIONAL_FN(nss_var_lookup);
- /* These can only be registered if mod_ssl is not loaded */
- if (APR_RETRIEVE_OPTIONAL_FN(ssl_is_https) == NULL)
- APR_REGISTER_OPTIONAL_FN(ssl_is_https);
- if (APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup) == NULL)
- APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
+ /* Save the state of any previously registered mod_ssl functions */
+ othermod_is_https = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https);
+ othermod_var_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup);
+
+ /* Always register these local mod_ssl optional functions */
+ APR_REGISTER_OPTIONAL_FN(ssl_is_https);
+ APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
return;
}
@@ -174,6 +183,15 @@ char *nss_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
*/
if (result == NULL && c != NULL) {
SSLConnRec *sslconn = myConnConfig(c);
+
+ if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)
+ && (!sslconn || !sslconn->ssl) && othermod_var_lookup) {
+ /* If mod_ssl is registered for this connection,
+ * pass any SSL_* variable through to the mod_ssl module
+ */
+ return othermod_var_lookup(p, s, c, r, var);
+ }
+
if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)
&& sslconn && sslconn->ssl)
result = nss_var_lookup_ssl(p, c, var+4);
@@ -252,7 +270,7 @@ char *nss_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
return result;
}
-char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var) {
+static char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var) {
return nss_var_lookup(p, s, c, r, var);
}
generated by cgit (git 2.34.1) at 2025-09-17 16:11:28 +0000