If I understand correctly, the current code is relying on
ssl_hook_Access to perform a *second* handshake which will ensure that
the named vhost's access control configuration is enforced, if
necessary?
No, that's probably due to a misunderstanding. In its current form, the
patch will set
Thanks for the detailed response and sorry for the slow follow-up,
Kaspar. I'll just deal with the main issue for the time being:
On Wed, Jan 02, 2008 at 05:36:22PM +0100, Kaspar Brand wrote:
Has a configuration
with an SSLVerifyClient specified in the named vhost been tested?
Yes, and
Kaspar Brand wrote:
Has a configuration
with an SSLVerifyClient specified in the named vhost been tested?
Yes, and one specific configuration actually made me tweak the code in
the servername callback further: [...]
It turns out that this change was too radical, actually - it prevented
Joe, many thanks for your review and valuable comments, first off! As
the person who contributed to the original SNI patch (authored by Peter
Sylvester/EdelWeb), I'll try to address your questions to the best of my
knowledge/ability.
An updated version of the patch (based on Guenter's latest
On Fri, Dec 21, 2007 at 01:16:21PM -, [EMAIL PROTECTED] wrote:
Author: fuankg
Date: Fri Dec 21 05:16:21 2007
New Revision: 606190
URL: http://svn.apache.org/viewvc?rev=606190view=rev
Log:
Added server name indication (RFC 4366) support (PR 34607).
Commits containing changes authored