From: Doug MacEachern <dougm@apache.org>
Date: Tue, 11 Jun 2002 03:19:27 +0000 (+0000)
Subject: PR:
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8100273c5e5e464fc8d3e8b504729fe343f170b6;p=thirdparty%2Fapache%2Fhttpd.git

PR:
Obtained from:
Submitted by:
Reviewed by:
allow POST method over SSL when per-directory client cert
authentication is used with 'SSLOptions +OptRenegotiate' enabled
and a client cert was found in the ssl session cache.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95602 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/ssl_engine_kernel.c b/ssl_engine_kernel.c
index 9b180dffba0..9274298e556 100644
--- a/ssl_engine_kernel.c
+++ b/ssl_engine_kernel.c
@@ -673,10 +673,11 @@ int ssl_hook_Access(request_rec *r)
      *
      * !! BUT ALL THIS IS STILL NOT RE-IMPLEMENTED FOR APACHE 2.0 !!
      */
-    if (renegotiate && (r->method_number == M_POST)) {
+    if (renegotiate && !renegotiate_quick && (r->method_number == M_POST)) {
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
                      "SSL Re-negotiation in conjunction "
-                     "with POST method not supported!");
+                     "with POST method not supported!\n"
+                     "hint: try SSLOptions +OptRenegotiate");
 
         return HTTP_METHOD_NOT_ALLOWED;
     }