diff -ur mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/mod_ssl.c mod_ssl-2.2.7-1.3.6/pkg.sslmod/mod_ssl.c --- mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/mod_ssl.c Mon Apr 19 14:09:08 1999 +++ mod_ssl-2.2.7-1.3.6/pkg.sslmod/mod_ssl.c Mon Apr 19 14:11:28 1999 @@ -144,6 +144,9 @@ AP_SRV_CMD(Protocol, RAW_ARGS, "Enable or disable various SSL protocols" "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)") + AP_SRV_CMD(OnlyOnPort, TAKE1, + "SSL port for this virtual host" + "(`N' - number of SSL port)") /* * Per-directory context configuration directives diff -ur mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/mod_ssl.h mod_ssl-2.2.7-1.3.6/pkg.sslmod/mod_ssl.h --- mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/mod_ssl.h Mon Apr 19 14:09:08 1999 +++ mod_ssl-2.2.7-1.3.6/pkg.sslmod/mod_ssl.h Mon Apr 19 14:18:00 1999 @@ -483,6 +483,7 @@ int nPassPhraseDialogType; char *szPassPhraseDialogPath; ssl_proto_t nProtocol; + int nOnlyOnPort; #ifdef SSL_VENDOR ap_ctx *ctx; #endif @@ -542,6 +543,7 @@ const char *ssl_cmd_SSLLog(cmd_parms *, char *, char *); const char *ssl_cmd_SSLLogLevel(cmd_parms *, char *, char *); const char *ssl_cmd_SSLProtocol(cmd_parms *, char *, const char *); +const char *ssl_cmd_SSLOnlyOnPort(cmd_parms *, char *, char *); const char *ssl_cmd_SSLOptions(cmd_parms *, SSLDirConfigRec *, const char *); const char *ssl_cmd_SSLRequireSSL(cmd_parms *, SSLDirConfigRec *, char *); const char *ssl_cmd_SSLRequire(cmd_parms *, SSLDirConfigRec *, char *); diff -ur mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/ssl_engine_config.c mod_ssl-2.2.7-1.3.6/pkg.sslmod/ssl_engine_config.c --- mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/ssl_engine_config.c Mon Apr 19 14:09:08 1999 +++ mod_ssl-2.2.7-1.3.6/pkg.sslmod/ssl_engine_config.c Mon Apr 19 14:20:24 1999 @@ -197,6 +197,7 @@ sc->nPassPhraseDialogType = SSL_PPTYPE_UNSET; sc->szPassPhraseDialogPath = NULL; sc->nProtocol = SSL_PROTOCOL_ALL; + sc->nOnlyOnPort = NULL; sc->fileLogFile = NULL; sc->px509Certificate = NULL; sc->prsaKey = NULL; @@ -235,6 +236,7 @@ cfgMerge(nPassPhraseDialogType, SSL_PPTYPE_UNSET); cfgMergeString(szPassPhraseDialogPath); cfgMerge(nProtocol, SSL_PROTOCOL_ALL); + cfgMergeInt(nOnlyOnPort); cfgMerge(fileLogFile, NULL); cfgMerge(px509Certificate, NULL); cfgMerge(prsaKey, NULL); @@ -653,6 +655,17 @@ sc->nLogLevel = SSL_LOG_DEBUG; else return "SSLLogLevel: Invalid argument"; + return NULL; +} + +const char *ssl_cmd_SSLOnlyOnPort( + cmd_parms *cmd, char *struct_ptr, char *arg) +{ + SSLSrvConfigRec *sc = mySrvConfig(cmd->server); + + sc->nOnlyOnPort = atoi(arg); + if (sc->nOnlyOnPort < 0) + return "SSLOnlyOnPort: Invalid argument"; return NULL; } diff -ur mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/ssl_engine_kernel.c mod_ssl-2.2.7-1.3.6/pkg.sslmod/ssl_engine_kernel.c --- mod_ssl-2.2.7-1.3.6_orig/pkg.sslmod/ssl_engine_kernel.c Mon Apr 19 14:09:08 1999 +++ mod_ssl-2.2.7-1.3.6/pkg.sslmod/ssl_engine_kernel.c Mon Apr 19 14:22:23 1999 @@ -135,6 +135,7 @@ char *cpVHostID; int rc; int n; + unsigned port; /* * Get context @@ -142,6 +143,7 @@ srvr = conn->server; fb = conn->client; sc = mySrvConfig(srvr); + port = ntohs(conn->local_addr.sin_port); /* * Create SSL context @@ -154,6 +156,13 @@ */ if (sc == NULL || !sc->bEnabled) return; + + if (sc->nOnlyOnPort && sc->nOnlyOnPort != port) + { + ssl_log(srvr, SSL_LOG_INFO, "Connection to child %d on port %d set non-SSL by OnlyOnPort (server %s:%d)", + conn->child_num, port, srvr->server_hostname, srvr->port); + return; + } /* * Remember the connection information for