Skip to content
  1. Feb 03, 2010
    • Joe Orton's avatar
      New releases of OpenSSL will only allow secure renegotiation by · 20ebf99c
      Joe Orton authored
      default.  Add an "SSLInsecureRenegotiation" directive to enable
      renegotiation against unpatched clients, to ease transition:
      
      * modules/ssl/ssl_private.h (struct SSLSrvConfigRec): Add
        insecure_reneg field.
      
      * modules/ssl/ssl_engine_config.c (ssl_config_server_new,
        ssl_config_server_merge): Handle the insecure_reneg flag.
        (ssl_cmd_SSLInsecureRenegotiation): New function.
      
      * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): Set the
        SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION option if insecure_reneg is
        enabled.
      
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Log level of
        support for secure reneg.
      
      * modules/ssl/mod_ssl.c: Add the directive definition.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@906039 13f79535-47bb-0310-9956-ffa450edef68
      20ebf99c
  2. Feb 02, 2010
  3. Feb 01, 2010
  4. Jan 31, 2010
  5. Jan 30, 2010
  6. Jan 27, 2010
  7. Jan 26, 2010
  8. Jan 24, 2010
  9. Jan 23, 2010
  10. Jan 22, 2010
  11. Jan 21, 2010