www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

mod_ssl: Revert r1868929 on trunk (only).

Browse Source 
We discussed in 2019 that after 2.4.x's backport r1873907 we should apply
normal/usual merging for SSLProtocol in next versions (thus trunk first).
See: https://lists.apache.org/thread/76yh7j3fwj2tsmffsqcqpv4mcfph5vqx

Make this happen finally.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921360 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Yann Ylavic
2024-10-16 14:11:41 +00:00
parent 50df6c8cc0
commit 543a0be880
1 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
modules/ssl/ssl_engine_kernel.c
View File

@@ -2612,14 +2612,13 @@ static int ssl_find_vhost(void *servername, conn_rec *c, server_rec *s)
#if OPENSSL_VERSION_NUMBER >= 0x1010007fL \ #if OPENSSL_VERSION_NUMBER >= 0x1010007fL \
&& (!defined(LIBRESSL_VERSION_NUMBER) \ && (!defined(LIBRESSL_VERSION_NUMBER) \
|| LIBRESSL_VERSION_NUMBER >= 0x20800000L) || LIBRESSL_VERSION_NUMBER >= 0x20800000L)
/* /* Switch to the vhost's protocols. Note that 2.4 used to do this
* Don't switch the protocol if none is configured for this vhost, * only if SSLProtocol was configured/inherited for this vhost, using
* the default in this case is still the base server's SSLProtocol. * the base server's SSLProtocol otherwise. From 2.5 usual merging
*/ * applies.
if (myConnCtxConfig(c, sc)->protocol_set) { */
SSL_set_min_proto_version(ssl, SSL_CTX_get_min_proto_version(ctx)); SSL_set_min_proto_version(ssl, SSL_CTX_get_min_proto_version(ctx));
SSL_set_max_proto_version(ssl, SSL_CTX_get_max_proto_version(ctx)); SSL_set_max_proto_version(ssl, SSL_CTX_get_max_proto_version(ctx));
}
#endif #endif
if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) || if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) ||
(SSL_num_renegotiations(ssl) == 0)) { (SSL_num_renegotiations(ssl) == 0)) {