Skip to content
  1. Feb 16, 2010
  2. Feb 15, 2010
  3. Feb 14, 2010
  4. Feb 13, 2010
  5. Feb 12, 2010
  6. Feb 04, 2010
  7. Feb 01, 2010
  8. Jan 27, 2010
  9. Jan 25, 2010
  10. Jan 24, 2010
  11. Jan 15, 2010
  12. Jan 14, 2010
  13. Jan 10, 2010
  14. Jan 09, 2010
  15. Jan 07, 2010
    • Eric Covener's avatar
      Merge r896897 from trunk: · e9fe6c47
      Eric Covener authored
      clarify LDAPConnectionTimeout behavior/availability which is really just 
      passed along to the SDK when applicable.
      
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@896956 13f79535-47bb-0310-9956-ffa450edef68
      e9fe6c47
    • Ruediger Pluem's avatar
      Merge r891282 from trunk: · 18dd70ea
      Ruediger Pluem authored
      Further mitigation for the TLS renegotation attack, CVE-2009-3555:
      
      * modules/ssl/ssl_engine_kernel.c (has_buffered_data): New function.
        (ssl_hook_Access): Forcibly disable keepalive for the connection if
        there is any buffered data readable from the input filter stack.
      
      * modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Ensure that the
        BIO uses blocking operations when invoked outside direct control of
        the httpd filter stack.
      
      Thanks to Hartmut Keil <Hartmut.Keil adnovum.ch> for proposing this
      technique.
      
      Submitted by: jorton
      Reviewed by: rpluem, jim, trawick
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@896900 13f79535-47bb-0310-9956-ffa450edef68
      18dd70ea
  16. Jan 06, 2010
  17. Jan 05, 2010