From: Gordon Hopper
Date: Thu, 30 Apr 2009 21:56:37 -0700
Subject: [PATCH] Add port number to SSLEnable configuration directive

This allows a single virtualhost to serve as both ssl and non-ssl requests. For Example: SSLEngine 443
---
 modules/ssl/mod_ssl.c | 7 +++++++
 modules/ssl/ssl_engine_config.c | 14 +++++++++++++-
 modules/ssl/ssl_private.h | 1 +
 3 files changed, 21 insertions(+), 1 deletions(-)

diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
index ff69016..c35542e 100644
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -442,6 +442,13 @@ static int ssl_hook_pre_connection(conn_rec *c, void *csd)
 }
 /*
+ * If SSL port is set, and the connection is to a different port, then decline
+ */
+ if (sc && sc->port>0 && c && c->local_addr && (sc->port != c->local_addr->port)) {
+ return DECLINED;
+ }
+
+ /*
 * Create SSL context
 */
 if (!sslconn) {
diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index df6674d..e784cf9 100644
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -169,6 +169,7 @@ static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
 sc->vhost_id_len = 0; /* set during module init */
 sc->session_cache_timeout = UNSET;
 sc->cipher_server_pref = UNSET;
+ sc->port = 0;
 modssl_ctx_init_proxy(sc, p);
@@ -256,6 +257,7 @@ void *ssl_config_server_merge(apr_pool_t *p, void *basev, void *addv)
 cfgMerge(enabled, SSL_ENABLED_UNSET);
 cfgMergeBool(proxy_enabled);
 cfgMergeInt(session_cache_timeout);
+ cfgMergeInt(port);
 cfgMergeBool(cipher_server_pref);
 modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);
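Review bot: In modules/ssl/mod_ssl.c, the new port test in ssl_hook_pre_connection returns DECLINED for every connection whose local port differs from `sc->port`, and nothing visible in the hunk limits it to inbound client connections. If this hook is also where TLS is started for outgoing proxy connections (the preceding enable check lies outside the hunk, so this is inferred), their local port is ephemeral and will not match, and a vhost combining `SSLEngine 443` with SSL proxying would reach its backend in cleartext without any error. I would add `!(sslconn && sslconn->is_proxy) &&` to the condition and write a debug-level log line before `return DECLINED;`, so a listener that unexpectedly stays plaintext is visible to the operator. The function starts and ends outside the hunk.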
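Review bot: In ssl_config_server_merge, `cfgMergeInt(port);` will most likely never inherit the base value, because ssl_config_server_new initialises the field with `sc->port = 0;` while the neighbouring int fields start as UNSET, which is presumably the sentinel cfgMergeInt tests for (the macro is defined outside this diff). A virtual host without its own SSLEngine line would then inherit `enabled` from the parent scope but end up with port 0, so the port restriction configured there is dropped and TLS is attempted on every port of that vhost. The explicit-sentinel form already used in this function keeps the two fields merging together: `cfgMerge(port, 0);`. Both function bodies continue outside their hunks.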
@@ -615,8 +617,18 @@ const char *ssl_cmd_SSLEngine(cmd_parms *cmd, void *dcfg, const char *arg)
 sc->enabled = SSL_ENABLED_OPTIONAL;
 return NULL;
 }
+ else {
+ // Try to parse the argument as a port number
+ apr_port_t port;
+ port = atoi(arg);
+ if (port>0) {
+ sc->enabled = SSL_ENABLED_TRUE;
+ sc->port = port;
+ return NULL;
+ }
+ }
- return "Argument must be On, Off, or Optional";
+ return "Argument must be On, Off, Optional, or a port number";
 }
 const char *ssl_cmd_SSLCipherSuite(cmd_parms *cmd,
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 64ad36b..d1b3451 100644
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -449,6 +449,7 @@ struct SSLSrvConfigRec {
 BOOL cipher_server_pref;
 modssl_ctx_t *server;
 modssl_ctx_t *proxy;
+ apr_port_t port;
 };
 /**
--
1.6.0.4
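Review bot: In ssl_cmd_SSLEngine the port is read with `port = atoi(arg);` directly into an `apr_port_t`, so malformed values are accepted instead of rejected. atoi ignores trailing characters (`443x` is taken as 443) and reports no range error, and the assignment narrows the int to APR's 16-bit port type, so an out-of-range number silently becomes some other port. TLS is then enabled on a port the administrator did not write while the intended one is served in plaintext. The argument should be parsed with an end pointer and checked against 1..65535 before `sc->enabled` is touched, falling through to the existing error string otherwise; the `//` comment also departs from the `/* */` style of the surrounding code. The function begins outside the hunk.

```c
    else {
        /* Accept only a complete decimal port number in 1..65535 */
        char *end;
        long port = strtol(arg, &end, 10);

        if (end != arg && *end == '\0' && port > 0 && port <= 65535) {
            sc->enabled = SSL_ENABLED_TRUE;
            sc->port = (apr_port_t)port;
            return NULL;
        }
    }
    /* … unchanged: return of the "Argument must be …" error string … */
```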
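Review bot: The new `port` member of SSLSrvConfigRec in modules/ssl/ssl_private.h has no comment, although its zero value carries meaning: ssl_config_server_new sets it to 0 and the pre-connection check only applies when `sc->port>0`. I would state that on the field, e.g. `apr_port_t port; /* SSLEngine <port>: TLS only on this local port; 0 = no port restriction */`. The struct definition starts outside the hunk.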