* cause us to end up in a different virtual host as the one that
* was used for the handshake causing different SSL parameters to
* be applied as SSLProtocol, SSLCACertificateFile/Path and
- * SSLCADNRequestFile/Path cannot be renegotioated (SSLCA* due
- * to current limitiations in Openssl, see
+ * SSLCADNRequestFile/Path cannot be renegotiated (SSLCA* due
+ * to current limitiations in OpenSSL, see
* http://mail-archives.apache.org/mod_mbox/httpd-dev/200806.mbox/%3C48592955.2090303@velox.ch%3E
* and
* http://mail-archives.apache.org/mod_mbox/httpd-dev/201312.mbox/%3CCAKQ1sVNpOrdiBm-UPw1hEdSN7YQXRRjeaT-MCWbW_7mN%3DuFiOw%40mail.gmail.com%3E
/*
* We are using a name based configuration here, but no hostname was
* provided via SNI. Don't allow that if are requested to do strict
- * checking. Check wether this strict checking was setup either in the
+ * checking. Check whether this strict checking was setup either in the
* server config we used for handshaking or in our current server.
* This should avoid insecure configuration by accident.
*/
}
}
/* If the first handshake is complete, change state to reject any
- * subsequent client-initated renegotiation. */
+ * subsequent client-initiated renegotiation. */
else if ((where & SSL_CB_HANDSHAKE_DONE) && scr->reneg_state == RENEG_INIT) {
scr->reneg_state = RENEG_REJECT;
}
* vhost we have just switched to. Again, we have to make sure
* that we're not overwriting a session id context which was
* possibly set in ssl_hook_Access(), before triggering
- * a renegotation.
+ * a renegotiation.
*/
if (SSL_num_renegotiations(ssl) == 0) {
unsigned char *sid_ctx =
RENEG_INIT = 0, /* Before initial handshake */
RENEG_REJECT, /* After initial handshake; any client-initiated
* renegotiation should be rejected */
- RENEG_ALLOW, /* A server-initated renegotiation is taking
+ RENEG_ALLOW, /* A server-initiated renegotiation is taking
* place (as dictated by configuration) */
RENEG_ABORT /* Renegotiation initiated by client, abort the
* connection */
projects / apache / commitdiff