-*- coding: utf-8 -*-
Changes with Apache 2.2.6
+ *) mod_ssl: Fix spurious hostname mismatch warning for valid
+ wildcard certificates. PR 37911. [Nick Burch <nick torchbox.com>]
+
*) mod_mem_cache: Increase the minimum and default value for
MCacheMinObjectSize from 0 to 1, as a MCacheMinObjectSize of 0 does not
make sense and leads to a division by zero. PR 40576.
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ssl: Fix spurious hostname-mismatch warning for valid wildcard certs.
- PR 37911.
- Trunk version of patch:
- http://svn.apache.org/viewcvs.cgi?rev=378487&view=rev
- Backport version for 2.2.x of patch:
- Trunk version of patch works
- +1: rpluem, fielding, jim
-
* mod_info: mod_info outputs invalid XHTML 1.0 Transitional.
PR 42847.
Trunk version of patch:
if (SSL_X509_getCN(ptemp, cert, &cn)) {
int fnm_flags = APR_FNM_PERIOD|APR_FNM_CASE_BLIND;
- if (apr_fnmatch_test(cn) &&
- (apr_fnmatch(cn, s->server_hostname,
- fnm_flags) == APR_FNM_NOMATCH))
- {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
- "%s server certificate wildcard CommonName (CN) `%s' "
- "does NOT match server name!?",
- ssl_asn1_keystr(type), cn);
+ if (apr_fnmatch_test(cn)) {
+ if (apr_fnmatch(cn, s->server_hostname,
+ fnm_flags) == APR_FNM_NOMATCH) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "%s server certificate wildcard CommonName "
+ "(CN) `%s' does NOT match server name!?",
+ ssl_asn1_keystr(type), cn);
+ }
}
else if (strNE(s->server_hostname, cn)) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
projects / thirdparty / apache / httpd.git / commitdiff
