www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

*) mod_ssl: Disable client verification on ACME ALPN challenges. Fixes github

Browse Source 
issue mod_md#172 (https://github.com/icing/mod_md/issues/172).
     [Michael Kaufmann <mail michael-kaufmann.ch>, Stefan Eissing]



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1873888 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Eissing
2020-02-11 10:13:24 +00:00
parent 7e666bfda2
commit e820d1ea4d
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/ssl/ssl_engine_kernel.c
View File

@@ -2403,6 +2403,7 @@ static apr_status_t init_vhost(conn_rec *c, SSL *ssl, const char *servername)
if (set_challenge_creds(c, servername, ssl, cert, key) != APR_SUCCESS) {
return APR_EGENERAL;
}
SSL_set_verify(ssl, SSL_VERIFY_NONE, ssl_callback_SSLVerify);
}
else {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02044)
@@ -2783,6 +2784,7 @@ int ssl_callback_alpn_select(SSL *ssl,
if (set_challenge_creds(c, servername, ssl, cert, key) != APR_SUCCESS) {
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
SSL_set_verify(ssl, SSL_VERIFY_NONE, ssl_callback_SSLVerify);
}
}
}