Skip to content
Commit 41f59653 authored by Joe Orton's avatar Joe Orton
Browse files

Backport from HEAD:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix buffer
  overflow in FakeBasicAuth code if client's subject DN exceeds 6K in
  length (CVE CAN-2004-0488); switch to using apr-util base64 encoder
  functions.

  * modules/ssl/ssl_engine_init.c (ssl_init_Engine): Log the OpenSSL
  error stack contents if engine load/init fails.

  * modules/ssl/ssl_engine_log.c (ssl_log_ssl_error): Use %lu to print
  an unsigned long.

  * modules/ssl/ssl_engine_log.c (ssl_log_annotate, ssl_log_annotation,
  ssl_log_ssl_error): const-ify annotation strings and simplify
  ssl_log_annotation.

Reviewed by: Andr�� Malo, Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@103867 13f79535-47bb-0310-9956-ffa450edef68
parent 489feed4
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment