Skip to content
  1. Mar 22, 2016
    • Yann Ylavic's avatar
      Follow up to r1734656: restore c->data_in_input_filters usage to · fa3252cc
      Yann Ylavic authored
      see if it helps unblocking test framework.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736216 13f79535-47bb-0310-9956-ffa450edef68
      fa3252cc
    • Yann Ylavic's avatar
      mod_ssl: return non ambigous value in ssl_callback_SessionTicket() for · 4171fbfc
      Yann Ylavic authored
      encryption mode (we used to return 0, OpenSSL documents returning 1 instead).
      
      Practically this does not change anything since OpenSSL will only check for
      >= 0 return value (non error) for encryption mode (the other possible return
      values are only relevant for decryption mode).
      
      However the OpenSSL documentation for SSL_CTX_set_tlsext_ticket_key_cb()
      states:
      "
      The return value of the cb function is used by OpenSSL to determine what
      further processing will occur. The following return values have meaning:
      
      2
          This indicates that the ctx and hctx have been set and the session can
          continue on those parameters. Additionally it indicates that the session
          ticket is in a renewal period and should be replaced. The OpenSSL library
          will call cb again with an enc argument of 1 to set the new ticket (see
          RFC5077 3.3 paragraph 2).
      
      1
          This indicates that the ctx and hctx have been set and the session can
          continue on those parameters.
      
      0
          This indicates that it was not possible to set/retrieve a session ticket
          and the SSL/TLS session will continue by by negotiating a set of
          cryptographic parameters or using the alternate SSL/TLS resumption
          mechanism, session ids.
          If called with enc equal to 0 the library will call the cb again to get a
          new set of parameters.
      
      less than 0
          This indicates an error.
      "
      
      So 0 is not appropriate in our code, 1 is what we really want (and it won't
      break if OpenSSL later changes its checks on the callback return value).
      
      Reported by: oknet on github, pull request #18.
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736186 13f79535-47bb-0310-9956-ffa450edef68
      4171fbfc
    • Stefan Eissing's avatar
      adding missing source h2_ngn_shed.c for win build · 1e5cce07
      Stefan Eissing authored
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736156 13f79535-47bb-0310-9956-ffa450edef68
      1e5cce07
  2. Mar 21, 2016
  3. Mar 20, 2016
  4. Mar 19, 2016
  5. Mar 18, 2016
  6. Mar 17, 2016