Obtained from:
Submitted by:
Reviewed by:
allow POST method over SSL when per-directory client cert
authentication is used with 'SSLOptions +OptRenegotiate' enabled
and a client cert was found in the ssl session cache.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95602
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.37
+ *) allow POST method over SSL when per-directory client cert
+ authentication is used with 'SSLOptions +OptRenegotiate' enabled
+ and a client cert was found in the ssl session cache.
+
*) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
session cache when there is no cert chain in the cache. prior to
the fix this situation would result in a FORBIDDEN response and
*
* !! BUT ALL THIS IS STILL NOT RE-IMPLEMENTED FOR APACHE 2.0 !!
*/
- if (renegotiate && (r->method_number == M_POST)) {
+ if (renegotiate && !renegotiate_quick && (r->method_number == M_POST)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
"SSL Re-negotiation in conjunction "
- "with POST method not supported!");
+ "with POST method not supported!\n"
+ "hint: try SSLOptions +OptRenegotiate");
return HTTP_METHOD_NOT_ALLOWED;
}