Opened 8 years ago

#388 new defect

Make mod_auth_sslcert fail gracefully in absense of mod_ssl

Reported by: btidor Owned by:
Priority: normal Milestone:
Component: internals Keywords:
Cc:

Description

mod_auth_sslcert uses APR_RETRIEVE_OPTIONAL_FN to import the ssl_var_lookup function from mod_ssl but doesn't check that it's been loaded before trying to use it. If mod_ssl is not loaded by the time a request comes in, Apache will probably segfault.

See fc19-dev/.../mod_vhost_ldap.c:134-141 for an example of failing gracefully.

Change History (0)

Note: See TracTickets for help on using tickets.