Merge r1772812, r1772813 from trunk: (f8805fb5) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Commit f8805fb5 authored Dec 06, 2016 by

Jim Jagielski

Merge r1772812, r1772813 from trunk:

mod_session_crypto: Authenticate the session data/cookie with a MAC (SipHash)
to prevent deciphering or tampering with a padding oracle attack.



mod_session_crypto: follow up to r1772812: CHANGES entry.
Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772925 13f79535-47bb-0310-9956-ffa450edef68

parent 2d6a915e

Hide whitespace changes

Inline Side-by-side

Please register or to comment