Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: CVS

svn commit: r1374640 - /httpd/httpd/branches/2.2.x/STATUS

  

 
Apache cvs RSS feed   Index | Next | Previous | View Threaded


wrowe at apache

Aug 18, 2012, 12:32 PM

Post #1 of 1 (33 views)
Permalink
svn commit: r1374640 - /httpd/httpd/branches/2.2.x/STATUS
Author: wrowe
Date: Sat Aug 18 19:32:38 2012
New Revision: 1374640

URL: http://svn.apache.org/viewvc?rev=1374640&view=rev
Log:

Patch and STATUS updated to reflect the fix to [+]SSLv2 noted by kbrand.


Modified:
httpd/httpd/branches/2.2.x/STATUS

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1374640&r1=1374639&r2=1374640&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sat Aug 18 19:32:38 2012
@@ -145,7 +145,7 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
http://svn.apache.org/viewvc?view=revision&revision=1225476
http://svn.apache.org/viewvc?view=revision&revision=1225792
Backport version for 2.2.x of the patches above:
- http://people.apache.org/~wrowe/tls11-12-patch-2.2-kbrand-wrowe.1.patch
+ http://people.apache.org/~wrowe/tls11-12-patch-2.2-kbrand-wrowe.2.patch
+1: wrowe,
kbrand: The #define HAVE_TLSV1_X stuff should go to ssl_toolkit_compat.h,
[wrowe] disagree, since that API was deprecated
@@ -160,6 +160,15 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
to drop the #ifndef around SSL_PROTOCOL_SSLV2 in ssl_private.h,
this should also make some of the other "#if[n]def OPENSSL_NO_SSL2"
encapsulations unnecessary.
+ [wrowe] agreed the patch was wrong, the #ifdef needed to be moved
+ up four lines. Behavior is now correct in patch .2
+ Diagree about retaining SSL_PROTOCOL_SSLV2; this is one
+ of the most basic design patterns which exists to ensure
+ that we don't have some lingering code which is still
+ attempting to pursue SSLV2 games, not to mention that
+ the various macros and functions in those blocks may
+ simply disappear disappear inan OPENSSL_NO_SSL2 build.
+ Bad idea, it helps us catch current and future problems.
sf:
- ssl_engine_init.c: misses two "ctx = SSL_CTX_new(method);" calls
(or move the existing ones after the if blocks).

Apache cvs RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.