Changes with Apache 2.0.37
+ *) Reverted a minor optimization in mod_ssl.c that used the vhost ID
+ as the session id context rather that a MD5 hash of that vhost ID,
+ because it caused very long vhost id's to be unusable with mod_ssl.
+ PR 8572. [Cliff Woolley]
+
*) Fix the link to the description of the CoredumpDirectory
directive in the server-wide document. PR 8643. [Jeff Trawick]
SSLSrvConfigRec *sc = mySrvConfig(c->base_server);
SSL *ssl;
SSLConnRec *sslconn = myConnConfig(c);
+ char *vhost_md5;
modssl_ctx_t *mctx;
/*
return DECLINED; /* XXX */
}
- if (!SSL_set_session_id_context(ssl,
- (unsigned char *)sc->vhost_id,
- sc->vhost_id_len))
+ vhost_md5 = ap_md5_binary(c->pool, sc->vhost_id, sc->vhost_id_len);
+
+ if (!SSL_set_session_id_context(ssl, (unsigned char *)vhost_md5,
+ MD5_DIGESTSIZE*2))
{
ssl_log(c->base_server, SSL_LOG_ERROR|SSL_ADD_SSLERR,
- "Unable to set session id context to `%s'", sc->vhost_id);
+ "Unable to set session id context to `%s'", vhost_md5);
c->aborted = 1;