- Nov 04, 2004
-
-
Joe Orton authored
defined and documented and can't be changed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105683 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 01, 2004
-
-
Joe Orton authored
NULL pointer dereference in some configurations. PR: 31848 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105663 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 13, 2004
-
-
Bradley Nicholes authored
Add a check for SSL_ENABLED_OPTIONAL to the http_method and default_port hook so that they return the correct values for an upgradeable connection. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105426 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 12, 2004
-
-
Joe Orton authored
* modules/mappers/mod_rewrite.c, modules/ssl/ssl_engine_mutex.c: Use AP_NEED_SET_MUTEX_PERMS to determine whether unixd_set_*_mutex_perms calls are necessary. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105411 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 08, 2004
-
-
Joe Orton authored
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a correct cipher suite has been negotiated, else deny access. * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL 0.9.7, prevent session resumption during a renegotiation to force the client to negotiate a new (and acceptable) cipher suite. Submitted by: Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105396 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 30, 2004
-
-
Jean-Frederic Clere authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105354 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 22, 2004
-
-
Joe Orton authored
502 not 501 if SSL_connect() fails for a proxy connection. PR: 31083 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105252 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
shm is not supported, always remove the named segment first to cope with unclean shutdowns. PR: 21335 (continued) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105249 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
(2.5.4.45) for old and new versions of OpenSSL. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@105244 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 18, 2004
-
-
Joe Orton authored
function. (ssl_var_lookup_ssl_cert): Support _V_REMAIN suffix for SSL_{SERVER,CLIENT} as number of days until certificate expires. * modules/ssl_engine_kernel.c: Export SSL_CLIENT_V_REMAIN if +StdEnvVars is configured. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@104700 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 17, 2004
-
-
Joe Orton authored
handling for AP_MODE_SPECULATIVE. PR: 30134 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@104687 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 11, 2004
-
-
Joe Orton authored
* server/log.c (ap_log_pid), * server/mpm/prefork/prefork.c (accept_mutex_on, accept_mutex_off), * support/htdbm.c (htdbm_list): Fix some non-literal format strings (warnings from gcc -Wformat-security). PR: 30585 Submitted by: Ulf Harnhammar (SITIC), Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@104548 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
infinite loop in ssl_io_input_getline if connection is aborted without inctx->rc being set. PR: 29964 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@104547 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 13, 2004
-
-
Bradley Nicholes authored
Tokenize the header while parsing it for the upgrade tokens and once the protocol has been upgraded, allow the request to complete encrypted. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@104273 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 29, 2004
-
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@104082 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 15, 2004
-
-
Joe Orton authored
brigade for sending output after passing on the current one. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103967 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 03, 2004
-
-
Joe Orton authored
environment variable name. * modules/ssl/ssl_private.h (struct SSLDirConfigRec): Add szUserName field. * modules/ssl/ssl_engine_config.c (ssl_config_perdir_create, ssl_config_perdir_merge): Initialize and merge szUserName field. (ssl_cmd_SSLUserName): New function. * modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup): Set r->user to the value of the chosen SSL environment variable. * modules/ssl/mod_ssl.c: Add SSLUserName config directive. PR: 20957 Submitted by: Martin v. Loewis <martin v.loewis.de> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103834 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
which uses the server's cipher preference order rather than the client's. * modules/ssl/ssl_private.h (struct SSLSrvConfigRec): Add cipher_server_pref field. * modules/ssl/ssl_engine_config.c (ssl_config_server_create, ssl_config_server_merge): Initialize and merge cipher_server_pref field. (ssl_cmd_SSLHonorCipherOrder): New function. * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): Set the context option SSL_OP_CIPHER_SERVER_PREFERENCE when required. PR: 28665 Submitted by: Jim Shneider <jschneid netilla.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103832 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
never implemented in 2.0 and never needed to be. * docs/ssl/ssl-std.conf.in: Remove CompatEnvVars examples. * modules/ssl/ssl_engine_config.c (ssl_cmd_SSLOptions): Don't allow the CompatEnvVars argument. * modules/ssl/ssl_private.h: Remove SSL_OPT_COMPATENVVARS macro. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103829 13f79535-47bb-0310-9956-ffa450edef68
-
- May 27, 2004
-
-
Joe Orton authored
* modules/ssl/ssl_scache_dc.c (ssl_scache_dc_expire): Likewise. * modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_expire): Likewise. * modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_expire): Make static. * modules/ssl/ssl_private.h: Remove prototypes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103793 13f79535-47bb-0310-9956-ffa450edef68
-
- May 25, 2004
-
-
Joe Orton authored
functions ssl_util_strupper, ssl_util_ptxtstub, and ssl_util_uuencode*. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103755 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
overflow in FakeBasicAuth code if client's subject DN exceeds 6K in length (CVE CAN-2004-0488); switch to using apr-util base64 encoder functions. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103754 13f79535-47bb-0310-9956-ffa450edef68
-
- May 17, 2004
-
-
Joe Orton authored
strict-aliasing warning. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103688 13f79535-47bb-0310-9956-ffa450edef68
-
- May 12, 2004
-
-
Madhusudan Mathihalli authored
When a 'read' or 'write' to session cache is done, we need to check the size of the data being 'read' or 'written' to avoid buffer over-run. PR: 27751 Submitted by: Geoff Thorpe Reviewed by: Madhusudan Mathihalli git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103669 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 26, 2004
-
-
Madhusudan Mathihalli authored
just prevents the internal lookup but does not prevent the caching. OpenSSL 0.9.6h onwards has a new flag 'SSL_SESS_CACHE_NO_INTERNAL' to prevent OpenSSL from both lookup and caching the sessions internally. PR: 26562 Reviewed by: Geoff Thorpe, Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103165 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 25, 2004
-
-
Joe Orton authored
send an SSL shutdown from a pool cleanup. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103156 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 12, 2004
-
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102943 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 11, 2004
-
-
William A. Rowe Jr authored
Pick up mod_status.h git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102938 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 10, 2004
-
-
Joe Orton authored
ssl_log_ssl_error): const-ify annotation strings and simplify ssl_log_annotation. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102927 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 06, 2004
-
-
Joe Orton authored
stop linking all of support/* against the SSL libraries: * acinclude.m4 (APACHE_MODULE): Define MOD_FOO_LDADD which each module .la library will be linked against. (APACHE_MODPATH_ADD): Link static modules against the provided libraries. (APACHE_CHECK_SSL_TOOLKIT): Put SSL libraries in SSL_LIBS and export that to config_vars.mk. * support/Makefile.in: Link ab against SSL_LIBS. * modules/ssl/config.m4: Add SSL_LIBS and distcache libraries to MOD_SSL_LDADD. PR: 17217 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102870 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 05, 2004
-
-
Bradley Nicholes authored
the OPTIONAL flag can be correctly merged within the ssl_config_server_merge() function. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102860 13f79535-47bb-0310-9956-ffa450edef68
-
Bradley Nicholes authored
the OPTIONAL flag is correctly merged within the ssl_config_server_merge() function. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102859 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 04, 2004
-
-
Joe Orton authored
error stack contents if engine load/init fails. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102857 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
an unsigned long. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102856 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
ssl_var_lookup_ssl_cipher): Use apr_itoa instead of psprintf %d. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102855 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
drop a bunch of casts; use apr_table_get directly in place of ssl_var_lookup_header. (ssl_var_lookup_header): Remove function. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102854 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
lookup of SSL_* variables (the common case) requires 2 rather than 29 strcasecmp calls before getting to ssl_var_lookup_ssl(). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102851 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
* modules/ssl/ssl_engine_vars (ssl_is_https): New function. (ssl_var_register): Register it. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102850 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
segfaults if called with r=NULL, c!=NULL, spotted by Andr��. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102849 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 29, 2004
-
-
Joe Orton authored
ssl_io_filter_error): Clear the SSL * pointer in the SSLConnRec too. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102819 13f79535-47bb-0310-9956-ffa450edef68
-