www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

Avoid unnecessary renegotiations with SSLVerifyDepth 0.

Browse Source 
PR: 48215
Submitted by: Kaspar Brand <asfbugz velox ch>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1137394 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Fritsch
2011-06-19 18:03:55 +00:00
parent 99a601df31
commit a71d0d72cb
3 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -2,6 +2,9 @@
Changes with Apache 2.3.13 Changes with Apache 2.3.13
*) mod_ssl: Avoid unnecessary renegotiations with SSLVerifyDepth 0.
PR 48215. [Kaspar Brand]
*) mod_status: Display information about asynchronous connections in the *) mod_status: Display information about asynchronous connections in the
server-status. PR 44377. [Stefan Fritsch] server-status. PR 44377. [Stefan Fritsch]

1
modules/ssl/mod_ssl.c
View File

@@ -339,6 +339,7 @@ static SSLConnRec *ssl_init_connection_ctx(conn_rec *c)
sslconn = apr_pcalloc(c->pool, sizeof(*sslconn)); sslconn = apr_pcalloc(c->pool, sizeof(*sslconn));
sslconn->server = c->base_server; sslconn->server = c->base_server;
sslconn->verify_depth = UNSET;
myConnConfigSet(c, sslconn); myConnConfigSet(c, sslconn);

2
modules/ssl/ssl_engine_kernel.c
View File

@@ -499,7 +499,7 @@ int ssl_hook_Access(request_rec *r)
* currently active/remembered verify depth (because this means more * currently active/remembered verify depth (because this means more
* restriction on the certificate chain). * restriction on the certificate chain).
*/ */
n = sslconn->verify_depth ? n = (sslconn->verify_depth != UNSET) ?
sslconn->verify_depth : sslconn->verify_depth :
(mySrvConfig(handshakeserver))->server->auth.verify_depth; (mySrvConfig(handshakeserver))->server->auth.verify_depth;
/* determine the new depth */ /* determine the new depth */