www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

PR:

Browse Source 
Obtained from:
Submitted by:
Reviewed by:
allow POST method over SSL when per-directory client cert
authentication is used with 'SSLOptions +OptRenegotiate' enabled
and a client cert was found in the ssl session cache.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95602 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Doug MacEachern
2002-06-11 03:19:27 +00:00
parent 5f0320d1c1
commit db7a29e3b7
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -1,5 +1,9 @@
Changes with Apache 2.0.37
*) allow POST method over SSL when per-directory client cert
authentication is used with 'SSLOptions +OptRenegotiate' enabled
and a client cert was found in the ssl session cache.
*) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
session cache when there is no cert chain in the cache. prior to
the fix this situation would result in a FORBIDDEN response and

5
modules/ssl/ssl_engine_kernel.c
View File

@@ -673,10 +673,11 @@ int ssl_hook_Access(request_rec *r)
*
* !! BUT ALL THIS IS STILL NOT RE-IMPLEMENTED FOR APACHE 2.0 !!
*/
if (renegotiate && (r->method_number == M_POST)) {
if (renegotiate && !renegotiate_quick && (r->method_number == M_POST)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
"SSL Re-negotiation in conjunction "
"with POST method not supported!");
"with POST method not supported!\n"
"hint: try SSLOptions +OptRenegotiate");
return HTTP_METHOD_NOT_ALLOWED;
}