Index: include/http_protocol.h
===================================================================
--- include/http_protocol.h	(Revision 1886790)
+++ include/http_protocol.h	(Arbeitskopie)
@@ -1048,6 +1048,31 @@
 AP_DECLARE(void) ap_send_interim_response(request_rec *r, int send_headers);
 
 
+/**
+ * Setup optional functions for ssl related queries so that functions
+ * registered by old-style SSL module functions are interrogated by the 
+ * the new ap_is_ssl() and friends. Installs own optional functions, so that
+ * old modules looking for these find one and get the correct results. 
+ * @param pool The pool to use for allocations
+ */
+AP_DECLARE(void) ap_setup_ssl_optional_fns(apr_pool_t *pool);
+
+/**
+ * This hook allows modules that manage SSL connection to register their
+ * inquiry function for checking if a connection is using SSL from them.
+ * @param c The current connection
+ * @return OK if the connection is using SSL, DECLINED if not.
+ * @ingroup hooks
+ */
+AP_DECLARE_HOOK(int,is_ssl,(conn_rec *c))
+
+/**
+ * Return != 0 iff the connection is encrypted with SSL.
+ * @param c the connection
+ */
+AP_DECLARE(int) ap_ssl_is_ssl(conn_rec *c);
+
+
 #ifdef __cplusplus
 }
 #endif
Index: server/core.c
===================================================================
--- server/core.c	(Revision 1886790)
+++ server/core.c	(Arbeitskopie)
@@ -5312,6 +5312,7 @@
     set_banner(pconf);
     ap_setup_make_content_type(pconf);
     ap_setup_auth_internal(ptemp);
+    ap_setup_ssl_optional_fns(pconf);
     if (!sys_privileges) {
         ap_log_error(APLOG_MARK, APLOG_CRIT, 0, NULL, APLOGNO(00136)
                      "Server MUST relinquish startup privileges before "
Index: server/protocol.c
===================================================================
--- server/protocol.c	(Revision 1886790)
+++ server/protocol.c	(Arbeitskopie)
@@ -70,6 +70,7 @@
     APR_HOOK_LINK(protocol_propose)
     APR_HOOK_LINK(protocol_switch)
     APR_HOOK_LINK(protocol_get)
+    APR_HOOK_LINK(is_ssl)
 )
 
 AP_DECLARE_DATA ap_filter_rec_t *ap_old_write_func = NULL;
@@ -2630,7 +2631,36 @@
     return !strcmp(AP_PROTOCOL_HTTP1, protocol);
 }
 
+APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *));
+static APR_OPTIONAL_FN_TYPE(ssl_is_https) *module_ssl_is_https;
 
+static int ssl_is_https(conn_rec *c) 
+{
+    /* Someone retrieved the optional function., not knowning about the
+     * new API. We redirect them to what they should have inoked. */
+    return ap_ssl_is_ssl(c);
+}
+
+AP_DECLARE(void) ap_setup_ssl_optional_fns(apr_pool_t *pool)
+{
+    /* Run as core's very early 'post config' hook, check for any already
+     * installed optional functions related to SSL and save them. Install
+     * our own instances that invoke the new hooks. */
+    APR_OPTIONAL_FN_TYPE(ssl_is_https) *fn = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https);
+    module_ssl_is_https = (fn && fn != ssl_is_https)? fn : NULL;
+    APR_REGISTER_OPTIONAL_FN(ssl_is_https);
+}
+
+AP_DECLARE(int) ap_ssl_is_ssl(conn_rec *c)
+{
+    int r = (ap_run_is_ssl(c) == OK);
+    if (r == 0 && module_ssl_is_https) {
+        r = module_ssl_is_https(c);
+    }
+    return r;
+}
+
+
 AP_IMPLEMENT_HOOK_VOID(pre_read_request,
                        (request_rec *r, conn_rec *c),
                        (r, c))
@@ -2656,3 +2686,5 @@
                             (c, r, s, protocol), DECLINED)
 AP_IMPLEMENT_HOOK_RUN_FIRST(const char *,protocol_get,
                             (const conn_rec *c), (c), NULL)
+AP_IMPLEMENT_HOOK_RUN_FIRST(int, is_ssl, 
+                            (conn_rec *c), (c), DECLINED)