Bring SNI behavior into better conformance with RFC 6066:
- no longer send a warning-level unrecognized_name(112) alert
when no matching vhost is found (PR 56241)
- at startup, only issue warnings about IP/port conflicts and name-based
SSL vhosts when running with an OpenSSL without TLS extension support
(almost 5 years after SNI was added to 2.2.x, the
"[...] only work for clients with TLS server name indication support"
warning feels obsolete)
Proposed by: kbrand
Reviewed by: jorton, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1588424 13f79535-47bb-0310-9956-
ffa450edef68
allow spaces in backreferences to be encoded as %20 instead of '+'.
[Eric Covener]
- *) mod_ssl: bring SNI behavior into better conformance with RFC 6066:
- no longer send warning-level unrecognized_name(112) alerts,
- and limit startup warnings to cases where an OpenSSL version
- without TLS extension support is used. PR 56241. [Kaspar Brand]
-
*) mod_expires: don't add Expires header to error responses (4xx/5xx),
be they generated or forwarded. PR 55669. [ Yann Ylavic ]
projects / apache / commitdiff