httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: Tagging 2.2.15 to play openssl catchup?
Date Fri, 26 Feb 2010 11:17:14 GMT
On 25.02.2010 22:36, William A. Rowe Jr. wrote:
> I'd like to move ahead and catch up to OpenSSL 0.9.8m which was released today,
> and that requires a 2.2 release.
>
> Let's start a three day clock to the tag, and I'll tag Sunday about noon CST.
> That gives folks friday, and weekend warriors time Saturday to catch up with
> final important bugfix backports, and testers can pick this up Sunday afternoon
> or anytime Monday/Tuesday.
>
> WDYAT?

Isn't 0.9.8m by default still allowing unsafe renegs? So updated clients 
will be safe, but the server doesn't enforce the safetyness (and reject 
unsafe client).

trunk already contains a patch by Joe that allows the admin to decide, 
whether he wants to reject unsafe reneg or not.

The revisions of the patch and some additiona to it are:

906039
906057
906067
906116
906454
906485
906491
906493
908015

I guess backporting is pretty straightforward. Wouldn't it be nice to 
already support this with 2.2.15?

Joe, do you already have a candidate, or should I suggest a backport 
patch myself?

Regards,

Rainer

Mime
View raw message