*** ssl_engine_io.c.orig	Fri Mar 26 15:55:18 2004
--- ssl_engine_io.c	Fri Mar 26 15:58:45 2004
***************
*** 331,336 ****
--- 331,381 ----
   * this char_buffer api might seem silly, but we don't need to copy
   * any of this data and we need to remember the length.
   */
+ #ifdef DACS
+ /*
+  * For Apache 2.0.4[89] - may not be compatible with other versions.
+  *
+  * mod_auth_dacs's unconventional use of AP_MODE_SPECULATIVE when reading
+  * the POST data stream appears to trigger bugs in SSL buffer handling
+  * in particular situations.
+  * This patch to ssl_engine_io.c tries to work around these problems/bugs.
+  */
+ 
+ #ifndef lint
+ static const char revid[] =
+   "$Id: ssl_engine_io.patch 16 2005-02-13 22:31:20Z unauth $";
+ #endif
+ 
+ static int char_buffer_read(bio_filter_in_ctx_t *inctx, char *in, int inl)
+ {
+     char_buffer_t *buffer = &inctx->cbuf;
+ 
+     if (!buffer->length) {
+         return 0;
+     }
+ 
+     if (buffer->length > inl) {
+         /* we have have enough to fill the caller's buffer */
+         memmove(in, buffer->value, inl);
+         buffer->value += inl;
+         buffer->length -= inl;
+     }
+     else {
+         /* swallow remainder of the buffer */
+         memmove(in, buffer->value, buffer->length);
+         inl = buffer->length;
+         if (inctx->mode == AP_MODE_SPECULATIVE) {
+              buffer->value = in;
+         }
+         else {
+              buffer->value = NULL;
+              buffer->length = 0;
+         }
+     }
+ 
+     return inl;
+ }
+ #else
  static int char_buffer_read(char_buffer_t *buffer, char *in, int inl)
  {
      if (!buffer->length) {
***************
*** 353,358 ****
--- 398,404 ----
  
      return inl;
  }
+ #endif
  
  static int char_buffer_write(char_buffer_t *buffer, char *in, int inl)
  {
***************
*** 558,569 ****
--- 604,621 ----
      *len = 0;
  
      /* If we have something leftover from last time, try that first. */
+ #ifdef DACS
+     if ((bytes = char_buffer_read(inctx, buf, wanted))) {
+ #else
      if ((bytes = char_buffer_read(&inctx->cbuf, buf, wanted))) {
+ #endif
          *len = bytes;
          if (inctx->mode == AP_MODE_SPECULATIVE) {
+ #ifndef DACS
              /* We want to rollback this read. */
              inctx->cbuf.value -= bytes;
              inctx->cbuf.length += bytes;
+ #endif
              return APR_SUCCESS;
          }
          /* This could probably be *len == wanted, but be safe from stray
***************
*** 1517,1519 ****
--- 1569,1592 ----
      }
      return rc;
  }
+ 
+ #ifdef DACS
+ /*
+  * Return 1 if this request came over SSL (https), 0 otherwise.
+  * DACS needs this... why doesn't mod_ssl provide such a function?
+  */
+ int
+ ssl_is_ssl_request(request_rec *r)
+ {
+     SSLConnRec *sslconn = myConnConfig(r->connection);
+     SSLSrvConfigRec *sc = mySrvConfig(r->server);
+ 
+     /*
+      * Check to see if SSL is on
+      */
+     if (!(sc->enabled && sslconn && sslconn->ssl))
+       return(0);
+     return(1);
+ }
+ #endif
+