httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Falco Schwarz <hid...@falco.me>
Subject Re: DH params and multiple certificates in one VHost
Date Sat, 19 Apr 2014 07:37:15 GMT
I successfully tested your attached patch with the latest 1.0.2
branch. The DH temp key now has the bit length of the used RSA key,
regardless of SSLCertificate[Key]File order.

Thank you, Kaspar.

On Sat, Apr 19, 2014 at 9:11 AM, Kaspar Brand <httpd-dev.2014@velox.ch> wrote:
> On 19.04.2014 09:00, Falco Schwarz wrote:
>> that OpenSSL actually returns the private key used by the connection.
>
> I just noticed [1], so you might want to try the attached (but untested)
> patch with 1.0.2-beta1 at least (beware of CVE-2014-0160 though, later
> versions preferred).
>
> Kaspar
>
> [1] https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=58b86e4235cd420f607819727d372af9f7a80224

Mime
View raw message