httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Felt <mamf...@gmail.com>
Subject Re: The show goes on - 2.4.16
Date Thu, 16 Jul 2015 15:38:25 GMT
Nothing serious of course - AND the advantage is that I do not have to do a
new build to switch to pre-fork (which was the old way iirc).

So - was I the first to find a bug in the new release :P

btw - I am much more interested in the ssl tests and whether it is a failed
test (going back to MC4 128-bit) when the initial connection was much
better. I assume this is not logjam (or some other horrible recent OpenSSL
TLS renegotiate CVE) - but it is something we want to prevent (as far as I
know LibreSSL has no support for RC4 as it is too weak - hence these will
fail by definition if the test (client) is forcing a renegotiate to that
level of cryptography (key exchange?).

In other words - think more about my other post please!

On Thu, Jul 16, 2015 at 5:26 PM, Yann Ylavic <ylavic.dev@gmail.com> wrote:

> Yes, and with --enable-load-all-modules (not so common, I think, when
> not testing with the framework...).
>
> On Thu, Jul 16, 2015 at 5:19 PM, Jim Jagielski <jim@jagunet.com> wrote:
> > Yeah... grrrrr.
> >
> > In any case, this would affect only those w/ virgin builds, right?
> >
> >> On Jul 16, 2015, at 11:01 AM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
> >>
> >> On Thu, Jul 16, 2015 at 4:41 PM, Michael Felt <mamfelt@gmail.com>
> wrote:
> >>> My comment is that with 2.4.12 the same configure did not do this.
> This is
> >>> new behavior.
> >>
> >> Probably a consequence of [1] which may not play very well with
> >> --enable-load-all-modules.
> >>
> >> [1] http://svn.apache.org/r1661848
> >
>

Mime
View raw message