/[Apache-SVN]
ViewVC logotype

Revision 105732

Jump to revision: Previous Next
Author: jorton
Date: Wed Nov 10 11:42:05 2004 UTC (19 years, 6 months ago)
Changed paths: 2
Log Message: 
Backport fix for CAN-2004-0885:

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
correct cipher suite has been negotiated, else deny access.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
0.9.7, prevent session resumption during a renegotiation to force the
client to negotiate a new (and acceptable) cipher suite.

PR: 31505
Submitted by: Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton
Reviewed by: jorton, pquerna, minfrin, wrowe

Changed paths

Path Details
Directoryhttpd/httpd/branches/APACHE_2_0_BRANCH/modules/ssl/ssl_engine_init.c modified , text changed , props changed
Directoryhttpd/httpd/branches/APACHE_2_0_BRANCH/modules/ssl/ssl_engine_kernel.c modified , text changed , props changed
infrastructure at apache.org
 ViewVC Help
Powered by ViewVC 1.1.26