Merge r265702, r290136, r264800 from trunk:
* modules/ssl/ssl_util_ssl.c (SSL_X509_STORE_create): Catch errors returned by X509_LOOKUP_add_dir or X509_LOOKUP_load_file to detect malformed or misconfigured CRLs. Clear error stack beforehand to ensure reported errors are relevant. * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): Fix gcc 4.x different-pointer-signedness warning. * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that renegotiation is performed for a transition from "SSLVerifyClient optional" to "SSLVerifyClient require". (CVE CAN-2005-2700) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290159 13f79535-47bb-0310-9956-ffa450edef68
parent
d7da5ea4
Please register or sign in to comment