Bug 86182 - suExec strips out SSL_* environment that would generally be useful
Summary: suExec strips out SSL_* environment that would generally be useful
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server
Hardware: All Linux
: High enhancement
Assignee: Apache Team - Bugzilla Reports
 
Reported: 2005-03-21 14:15 UTC by Andrew Sterling Hanenkamp
Modified: 2005-07-11 18:53 UTC


Attachments
A better patch including both SSL_ and HTTPS= (better-patch.diff,327 bytes, patch)
2005-03-21 14:24 UTC, Andrew Sterling Hanenkamp
Description Andrew Sterling Hanenkamp 2005-03-21 14:15:10 UTC
Dunno if this really needs to be addressed by Gentoo or not, but it seems to me that suExec is a bit oppressive in the fact that it disables all SSL_* variables when mod_ssl SSLOptions +StdEnvVars is in effect.

I propose that a patch be applied to suexec.c when the "ssl" USE flag is in effect. The simple patch:

--- suexec.c.old        2005-03-21 15:46:14.283263792 -0600
+++ suexec.c    2005-03-21 15:46:34.783147336 -0600
@@ -91,6 +91,9 @@
     /* variable name starts with */
     "HTTP_",
 
+    /* mod_ssl varables */
+    "SSL_",
+
     /* variable name is */
     "AUTH_TYPE=",
     "CONTENT_LENGTH=",

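Review bot: The new "SSL_" entry sits under the "variable name starts with" comment, so it matches by prefix and lets every variable whose name begins with SSL_ through to the suexec'd program, not only the ones mod_ssl exports under SSLOptions +StdEnvVars. Consider adding the specific names under "variable name is" in the "NAME=" form instead, or at least state in the comment that the prefix match is deliberately broad. The added comment also has a typo: "varables" should be "variables".
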
(to vanilla Apache 1.3.33 source) should be adequate, though it could be tightened up to be limited to just the set of variables mod_ssl produces.

Reproducible: Always

Like I said, this seems to make sense to me, but there could be objections that
I'm not aware of.
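
The difference between the prefix entry in the patch and the tightened list the description mentions, as an added example (not code from suexec.c or from the reporter). The function names, the shortened lists, and the sample environment are constructed for illustration, and the matching rule is an assumption modelled on the two kinds of entry visible in the hunk.

```c
#include <stddef.h>
#include <string.h>

/* An entry ending in '=' matches one exact name; an entry without '='
 * matches every name with that prefix. Both are a strncmp over the
 * entry's own length (assumed matching rule for this example). */
static int env_allowed(const char *const *allow, const char *entry)
{
    for (size_t i = 0; allow[i] != NULL; i++)
        if (strncmp(entry, allow[i], strlen(allow[i])) == 0)
            return 1;
    return 0;
}

/* Copy allowed "NAME=value" pointers from in[] to out[], which holds cap
 * slots including the terminating NULL. Returns the number kept. */
size_t filter_env(const char *const *allow, const char *const *in,
                  const char **out, size_t cap)
{
    size_t n = 0;
    if (cap == 0)
        return 0;
    for (size_t i = 0; in[i] != NULL && n + 1 < cap; i++)
        if (env_allowed(allow, in[i]))
            out[n++] = in[i];
    out[n] = NULL;
    return n;
}

/* Broad form: prefix entry as in the patch (list shortened). */
const char *const allow_prefix[] = { "HTTP_", "SSL_", "AUTH_TYPE=", NULL };

/* Tightened form: exact names. Illustrative subset of the variables
 * mod_ssl exports, not the full set. */
const char *const allow_exact[] = {
    "HTTP_", "AUTH_TYPE=", "HTTPS=", "SSL_PROTOCOL=", "SSL_CIPHER=",
    "SSL_CLIENT_S_DN=", "SSL_CLIENT_VERIFY=", NULL
};

/* Constructed sample environment. SSL_CERT_FILE is read by OpenSSL-based
 * programs to locate a CA bundle; it is not a mod_ssl variable. */
const char *const sample_env[] = {
    "HTTP_HOST=example.org", "SSL_PROTOCOL=TLSv1", "SSL_CIPHER=AES256-SHA",
    "SSL_CERT_FILE=/tmp/ca.pem", "HTTPS=on", "TMPDIR=/tmp", NULL
};
```

With the prefix list, SSL_CERT_FILE is passed through and HTTPS is dropped; with the exact list, the opposite happens.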
Comment 1 Andrew Sterling Hanenkamp 2005-03-21 14:24:33 UTC
Created attachment 54102
A better patch including both SSL_ and HTTPS=
Comment 2 Michael Stewart (vericgar) (RETIRED) gentoo-dev 2005-07-11 18:52:34 UTC
Please take the patch upstream. We are trying to avoid putting minor patches in.
Thanks!

resolving -> UPSTREAM
Comment 3 Michael Stewart (vericgar) (RETIRED) gentoo-dev 2005-07-11 18:53:32 UTC
Clarification: minor patches as in ones that aren't anything other than
security/won't-work-on-gentoo-without-it.