apache-ssl's suexec

To: christoph.martin@uni-mainz.de
Cc: debian-apache@lists.debian.org
Subject: apache-ssl's suexec
From: Matthew Wilcox <willy@debian.org>
Date: Fri, 11 Jan 2002 04:40:47 +0000
Message-id: <[🔎] 20020111044047.A26644@parcelfarce.linux.theplanet.co.uk>

I'm planning on fixing #40226 in apache 1.3.22-6.  After all, it's only
been open >2.5 years.  With this patch:

@@ -165,6 +166,8 @@
     "UNIQUE_ID",
     "USER_NAME",
     "TZ",
+    "HTTPS",
+    "REDIRECT_HTTPS",
     NULL
 };

@@ -228,7 +231,8 @@
     cidx++;

     for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
-       if (!strncmp(*ep, "HTTP_", 5)) {
+       if (!strncmp(*ep, "HTTP_", 5) ||
+           !strncmp(*ep, "SSL_", 4)) {
            cleanenv[cidx] = *ep;
            cidx++;
        }

is there any more that needs to be done to remove suexec from apache-ssl?

-- 
Revolutions do not require corporate support.

Reply to:

Follow-Ups:
- Re: apache-ssl's suexec
  - From: Christoph Martin <martin@uni-mainz.de>

Prev by Date: Re: APXS, and /icons/
Next by Date: Re: apache-ssl's suexec
Previous by thread: Re: APXS, and /icons/
Next by thread: Re: apache-ssl's suexec
Index(es):
- Date
- Thread