> -----Original Message----- > From: Rainer Jung > Sent: Freitag, 26. Februar 2010 12:17 > To: dev@httpd.apache.org > Subject: Re: Tagging 2.2.15 to play openssl catchup? > > On 25.02.2010 22:36, William A. Rowe Jr. wrote: > > I'd like to move ahead and catch up to OpenSSL 0.9.8m which > was released today, > > and that requires a 2.2 release. > > > > Let's start a three day clock to the tag, and I'll tag > Sunday about noon CST. > > That gives folks friday, and weekend warriors time Saturday > to catch up with > > final important bugfix backports, and testers can pick this > up Sunday afternoon > > or anytime Monday/Tuesday. > > > > WDYAT? > > Isn't 0.9.8m by default still allowing unsafe renegs? So > updated clients > will be safe, but the server doesn't enforce the safetyness > (and reject > unsafe client). > > trunk already contains a patch by Joe that allows the admin > to decide, > whether he wants to reject unsafe reneg or not. > > The revisions of the patch and some additiona to it are: > > 906039 > 906057 > 906067 > 906116 > 906454 > 906485 > 906491 > 906493 > 908015 > > I guess backporting is pretty straightforward. Wouldn't it be nice to > already support this with 2.2.15? > > Joe, do you already have a candidate, or should I suggest a backport > patch myself?
Joe mentioned in the commit message that this requires OpenSSL 1.0.something. Does this also work with OpenSSL 0.9.8m? Regards Rüdiger
