diff options
| author | Kaspar Brand <kbrand@apache.org> | 2014-04-05 14:57:43 +0200 |
|---|---|---|
| committer | Kaspar Brand <kbrand@apache.org> | 2014-04-05 14:57:43 +0200 |
| commit | cbba0dbc00fc8aebb4389bc0bdbe3e72544d6fd2 (patch) | |
| tree | 837de5f96f807be51e83c7eed466fc708ff5979f /CHANGES | |
| parent | move a temporary table from r->pool to a temporary (diff) | |
| download | apache2-cbba0dbc00fc8aebb4389bc0bdbe3e72544d6fd2.tar.xz apache2-cbba0dbc00fc8aebb4389bc0bdbe3e72544d6fd2.zip | |
Bring SNI behavior into better conformance with RFC 6066:
- no longer send a warning-level unrecognized_name(112) alert
when no matching vhost is found (PR 56241)
- at startup, only issue warnings about IP/port conflicts and name-based
SSL vhosts when running with an OpenSSL without TLS extension support
(almost 5 years after SNI was added to 2.2.x, the
"[...] only work for clients with TLS server name indication support"
warning feels obsolete)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585090 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -1,6 +1,11 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) mod_ssl: bring SNI behavior into better conformance with RFC 6066: + no longer send warning-level unrecognized_name(112) alerts, + and limit startup warnings to cases where an OpenSSL version + without TLS extension support is used. PR 56241. [Kaspar Brand] + *) mod_proxy_html: Do not delete the wrong data from HTML code when a "http-equiv" meta tag specifies a Content-Type behind any other "http-equiv" meta tag. PR 56287 [Micha Lenk <micha lenk info>] |