8335b1
# ./pullrev.sh 1537535
8335b1
8335b1
http://svn.apache.org/viewvc?view=revision&revision=1537535
8335b1
8335b1
--- httpd-2.4.6/modules/ssl/ssl_engine_config.c.r1537535
8335b1
+++ httpd-2.4.6/modules/ssl/ssl_engine_config.c
8335b1
@@ -198,7 +198,7 @@ static SSLSrvConfigRec *ssl_config_serve
8335b1
     SSLSrvConfigRec *sc = apr_palloc(p, sizeof(*sc));
8335b1
 
8335b1
     sc->mc                     = NULL;
8335b1
-    sc->enabled                = SSL_ENABLED_FALSE;
8335b1
+    sc->enabled                = SSL_ENABLED_UNSET;
8335b1
     sc->proxy_enabled          = UNSET;
8335b1
     sc->vhost_id               = NULL;  /* set during module init */
8335b1
     sc->vhost_id_len           = 0;     /* set during module init */
8335b1
--- httpd-2.4.6/modules/ssl/ssl_engine_init.c.r1537535
8335b1
+++ httpd-2.4.6/modules/ssl/ssl_engine_init.c
8335b1
@@ -289,13 +289,16 @@ int ssl_init_Module(apr_pool_t *p, apr_p
8335b1
         sc->vhost_id = ssl_util_vhostid(p, s);
8335b1
         sc->vhost_id_len = strlen(sc->vhost_id);
8335b1
 
8335b1
-        if (ap_get_server_protocol(s) &&
8335b1
-            strcmp("https", ap_get_server_protocol(s)) == 0) {
8335b1
+        /* Default to enabled if SSLEngine is not set explicitly, and
8335b1
+         * the protocol is https. */
8335b1
+        if (ap_get_server_protocol(s) 
8335b1
+            && strcmp("https", ap_get_server_protocol(s)) == 0
8335b1
+            && sc->enabled == SSL_ENABLED_UNSET) {
8335b1
             sc->enabled = SSL_ENABLED_TRUE;
8335b1
         }
8335b1
 
8335b1
-       /* If sc->enabled is UNSET, then SSL is optional on this vhost  */
8335b1
-        /* Fix up stuff that may not have been set */
8335b1
+        /* Fix up stuff that may not have been set.  If sc->enabled is
8335b1
+         * UNSET, then SSL is disabled on this vhost.  */
8335b1
         if (sc->enabled == SSL_ENABLED_UNSET) {
8335b1
             sc->enabled = SSL_ENABLED_FALSE;
8335b1
         }