git.ipfire.org Git - thirdparty/apache/httpd.git/commit
Merge r891282 from trunk resp. 896900 from 2.2.x:
author Rainer Jung <rjung@apache.org>
Tue, 28 Sep 2010 15:49:07 +0000 (15:49 +0000)
committer Rainer Jung <rjung@apache.org>
Tue, 28 Sep 2010 15:49:07 +0000 (15:49 +0000)
commit 870602222496d2e861875bc7779c0d9689f57f1e
tree 6d8a5bbe757b84ce8121f435bca226139f0451f0
parent 679e0edbff68110fd664ee527a3ae2ea5bd689f8
Further mitigation for the TLS renegotiation attack, CVE-2009-3555:

* modules/ssl/ssl_engine_kernel.c (has_buffered_data): New function.
  (ssl_hook_Access): Forcibly disable keepalive for the connection if
  there is any buffered data readable from the input filter stack.

* modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Ensure that the
  BIO uses blocking operations when invoked outside direct control of
  the httpd filter stack.

Thanks to Hartmut Keil <Hartmut.Keil adnovum.ch> for proposing this
technique.

Submitted by: jorton
Backport by: rjung
Reviewed by: pgollucci, wrowe

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1002227 13f79535-47bb-0310-9956-ffa450edef68
CHANGES
STATUS
modules/ssl/ssl_engine_io.c
modules/ssl/ssl_engine_kernel.c