Commit 27c30bbf authored by Joe Orton's avatar Joe Orton
Browse files

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Fix segfault if 

SSL_get_session() returns NULL.

PR: 15057
Submitted by: Otmar Lendl (lendl@nic.at)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102281 13f79535-47bb-0310-9956-ffa450edef68
parent a70b127f

ssl_engine_vars.c

+6 −4
Original line number Diff line number Diff line
@@ -281,11 +281,13 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var) 
    else if (ssl != NULL && strcEQ(var, "SESSION_ID")) {

        char buf[SSL_SESSION_ID_STRING_LEN];

        SSL_SESSION *pSession = SSL_get_session(ssl);

        if (pSession) {

            result = apr_pstrdup(p, SSL_SESSION_id2sz(

                                     SSL_SESSION_get_session_id(pSession),

                                     SSL_SESSION_get_session_id_length(pSession),

                                     buf, sizeof(buf)));

        }

    }

    else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) {

        result = ssl_var_lookup_ssl_cipher(p, c, var+6);

    }