-*- coding: utf-8 -*-
Changes with Apache 2.4.49
+ *) mod_proxy_uwsgi: Fix PATH_INFO setting for generic worker. [Yann Ylavic]
+
+ *) mod_md: Certificate/keys pairs are verified as matching before a renewal is accepted
+ as successful or a staged renewal is replacing the existing certificates.
+ This avoid potential mess ups in the md store file system to render the active
+ certificates non-working. [@mkauf]
+
+ *) mod_proxy: Faster unix socket path parsing in the "proxy:" URL.
+ [Yann Ylavic]
+
+ *) mod_ssl: tighten the handling of ALPN for outgoing (proxy)
+ connections. If ALPN protocols are provided and sent to the
+ remote server, the received protocol selected is inspected
+ and checked for a match. Without match, the peer handshake
+ fails.
+ An exception is the proposal of "http/1.1" where it is
+ accepted if the remote server did not answer ALPN with
+ a selected protocol. This accomodates for hosts that do
+ not observe/support ALPN and speak http/1.x be default.
+
*) mod_proxy: Fix possible reuse/merging of Proxy(Pass)Match worker instances
with others when their URLs contain a '$' substitution. PR 65419 + 65429.
[Yann Ylavic]
+++ /dev/null
- * mod_md: Certificate/keys pairs are verified as matching before a renewal is accepted
- as successful or a staged renewal is replacing the existing certificates.
- This avoid potential mess ups in the md store file system to render the active
- certificates non-working. [@mkauf]
+++ /dev/null
- *) mod_ssl: tighten the handling of ALPN for outgoing (proxy)
- connections. If ALPN protocols are provided and sent to the
- remote server, the received protocol selected is inspected
- and checked for a match. Without match, the peer handshake
- fails.
- An exception is the proposal of "http/1.1" where it is
- accepted if the remote server did not answer ALPN with
- a selected protocol. This accomodates for hosts that do
- not observe/support ALPN and speak http/1.x be default.
\ No newline at end of file
projects / thirdparty / apache / httpd.git / commitdiff
