Commit dbdddf60 authored by Joe Orton's avatar Joe Orton
Browse files

* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix possible 

NULL pointer dereference in some configurations.

PR: 31848


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105663 13f79535-47bb-0310-9956-ffa450edef68
parent 2fc6e485

ssl_engine_kernel.c

+2 −1
Original line number Diff line number Diff line
@@ -874,7 +874,8 @@ int ssl_hook_UserCheck(request_rec *r) 
     * - ssl not enabled

     * - client did not present a certificate

     */

    if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL) && sslconn->ssl && sslconn->client_cert) ||

    if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL) 

          && sslconn && sslconn->ssl && sslconn->client_cert) ||

        !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user)

    {

        return DECLINED;