Skip to content

Commit 2d0e4ef

Browse files
committed
modssl: reset client-verify state when renegotiation is aborted
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1750779 13f79535-47bb-0310-9956-ffa450edef68
1 parent a8777b2 commit 2d0e4ef

File tree

2 files changed

+4
-0
lines changed

2 files changed

+4
-0
lines changed

Diff for: CHANGES

+3
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
-*- coding: utf-8 -*-
22
Changes with Apache 2.5.0
33

4+
*) mod_ssl: reset client-verify state of ssl when aborting renegotiations.
5+
[Erki Aring <erki@example.ee>, Stefan Eissing]
6+
47
*) mod_proxy_{http,ajp,fcgi}: don't reuse backend connections with data
58
available before the request is sent. PR 57832. [Yann Ylavic]
69

Diff for: modules/ssl/ssl_engine_kernel.c

+1
Original file line numberDiff line numberDiff line change
@@ -727,6 +727,7 @@ int ssl_hook_Access(request_rec *r)
727727
* on this connection.
728728
*/
729729
apr_table_setn(r->notes, "ssl-renegotiate-forbidden", "verify-client");
730+
SSL_set_verify(ssl, verify_old, ssl_callback_SSLVerify);
730731
return HTTP_FORBIDDEN;
731732
}
732733
/* optimization */

0 commit comments

Comments
 (0)