From f33f48241e0a32e62fbaab4267b0eb585d9b0b9f Mon Sep 17 00:00:00 2001
From: "dkl%redhat.com" <>
Date: Tue, 29 Jul 2008 01:57:57 +0000
Subject: Backing out these patches as they cause a regression. More
 information in the respective bug reports.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bug 428659 – Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat

Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
---
 Bugzilla/Auth/Login/CGI.pm | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'Bugzilla/Auth')

diff --git a/Bugzilla/Auth/Login/CGI.pm b/Bugzilla/Auth/Login/CGI.pm
index 0bc3ee119..980e27123 100644
--- a/Bugzilla/Auth/Login/CGI.pm
+++ b/Bugzilla/Auth/Login/CGI.pm
@@ -66,9 +66,11 @@ sub fail_nodata {
     }
 
     # Redirect to SSL if required
-    Bugzilla->cgi->require_https(Bugzilla->params->{'sslbase'})
-        if ssl_require_redirect();
-
+    if (Bugzilla->params->{'sslbase'} ne '' 
+        and Bugzilla->params->{'ssl'} ne 'never') 
+    {
+        $cgi->require_https(Bugzilla->params->{'sslbase'});
+    }
     print $cgi->header();
     $template->process("account/auth/login.html.tmpl",
                        { 'target' => $cgi->url(-relative=>1) }) 
-- 
cgit v1.2.3-24-g4f1b