]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ac774f7) | patch
Fail if SSLInsecureRenegotiation is used with mod_ssl, CVE-2009-3555
authorJoe Orton <jorton@apache.org>
Thu, 9 May 2024 09:05:38 +0000 (09:05 +0000)
committerJoe Orton <jorton@apache.org>
Thu, 9 May 2024 09:05:38 +0000 (09:05 +0000)
commit5971ee662032d861024462a18f950e4eed4ab8ad
tree26112bb1a27010ea0b7c9f2afbbbee7dc5ccfb6dtree
parentac774f7340bd1e2bb5ff092e27e75cd0051f7783commit | diff
Fail if SSLInsecureRenegotiation is used with mod_ssl, CVE-2009-3555
is now approaching 15 years old.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLInsecureRenegotiation):
  Fail if used.
  (ssl_config_server_new, ssl_config_server_merge): Remove insecure
  reneg handling.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): Remove
  insecure_reneg handling.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917600 13f79535-47bb-0310-9956-ffa450edef68
docs/manual/mod/mod_ssl.xml diff | blob | blame | history
modules/ssl/ssl_engine_config.c diff | blob | blame | history
modules/ssl/ssl_engine_init.c diff | blob | blame | history
modules/ssl/ssl_private.h diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git