Return-Path: <bugs-return-50181-archive-asf-public=cust-asf.ponee.io@httpd.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id CCD93200CDF
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu, 17 Aug 2017 10:46:52 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id CAEFF16A4F3; Thu, 17 Aug 2017 08:46:52 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 19B5F16A38B
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 17 Aug 2017 10:46:51 +0200 (CEST)
Received: (qmail 72089 invoked by uid 500); 17 Aug 2017 08:46:51 -0000
Mailing-List: contact bugs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:bugs@httpd.apache.org>
List-Help: <mailto:bugs-help@httpd.apache.org>
List-Unsubscribe: <mailto:bugs-unsubscribe@httpd.apache.org>
Reply-To: "Apache HTTPD Bugs Notification List" <bugs@httpd.apache.org>
List-Id: <bugs.httpd.apache.org>
Delivered-To: mailing list bugs@httpd.apache.org
Received: (qmail 72080 invoked by uid 99); 17 Aug 2017 08:46:51 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Aug 2017 08:46:51 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id AF0B4C008F
	for <bugs@httpd.apache.org>; Thu, 17 Aug 2017 08:46:50 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.002
X-Spam-Level: 
X-Spam-Status: No, score=-0.002 tagged_above=-999 required=6.31
	tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024)
	with ESMTP id toRFL-6UPKV7 for <bugs@httpd.apache.org>;
	Thu, 17 Aug 2017 08:46:49 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 32CA85F2EC
	for <bugs@httpd.apache.org>; Thu, 17 Aug 2017 08:46:49 +0000 (UTC)
Received: from asf-bz1-us-mid.priv.apache.org (nat1-us-mid.apache.org [23.253.172.122])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTPS id 8CF15E0114
	for <bugs@httpd.apache.org>; Thu, 17 Aug 2017 08:46:48 +0000 (UTC)
Received: by asf-bz1-us-mid.priv.apache.org (ASF Mail Server at asf-bz1-us-mid.priv.apache.org, from userid 33)
	id D79DD60776; Thu, 17 Aug 2017 08:46:46 +0000 (UTC)
From: bugzilla@apache.org
To: bugs@httpd.apache.org
Subject: [Bug 61436] Permissive TLS connection allowed when connecting from
 localhost
Date: Thu, 17 Aug 2017 08:46:46 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Apache httpd-2
X-Bugzilla-Component: mod_ssl
X-Bugzilla-Version: 2.4.27
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: rubimazaki@gmail.com
X-Bugzilla-Status: NEEDINFO
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: bugs@httpd.apache.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-61436-7868-f5eQQrXXDO@https.bz.apache.org/bugzilla/>
In-Reply-To: <bug-61436-7868@https.bz.apache.org/bugzilla/>
References: <bug-61436-7868@https.bz.apache.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bz.apache.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
archived-at: Thu, 17 Aug 2017 08:46:53 -0000

https://bz.apache.org/bugzilla/show_bug.cgi?id=3D61436

--- Comment #2 from rubimazaki@gmail.com ---
with:
SSLProtocol -all +TLSv1.2=20

running:
openssl s_client -tls1_1 -connect localhost:443

outputs:

CONNECTED(00000003)
140635205007008:error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert
protocol version:s3_pkt.c:1262:SSL alert number 70
140635205007008:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1502959441
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

--=20
You are receiving this mail because:
You are the assignee for the bug.=

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org