]> granicus.if.org Git - apache/commit
projects / apache / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1b6f4a4) | patch
Kasper Brand came across a flaw in the current implementation when CRL
authorDirk-Willem van Gulik <dirkx@apache.org>
Thu, 14 Feb 2008 10:24:04 +0000 (10:24 +0000)
committerDirk-Willem van Gulik <dirkx@apache.org>
Thu, 14 Feb 2008 10:24:04 +0000 (10:24 +0000)
commite5efb68d5b874c6663c6b6661f01fdfc7b1f6d9c
treed704c0e78b6728de84cb7033448222d941f7747ftree | snapshot
parent1b6f4a456a31c2a74dea19bf82cf67522847b538commit | diff
Kasper Brand came across a flaw in the current implementation when CRL
information - i.e.  SSLCARevocationFile/SSLCARevocationPath - is set
on a per-vhost basis (don't know how much sense it makes to have
non-global CRLs, but anyway...).

The attached patch (47B2B1A7.1060009@velox.ch on httpd-dev) addresses
this issue, and it also improves the logging behavior for an SNI
enabled configuration (previously some of the messages would
always go to the first vhost, or wouldn't appear at
all, depending on the LogLevel of the first vhost).

reviewed: dirkx

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@627699 13f79535-47bb-0310-9956-ffa450edef68
modules/ssl/ssl_engine_kernel.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.