| author | Norm Jacobs <Norm.Jacobs@Oracle.COM> |
| Wed, 27 May 2015 11:09:36 -0500 | |
| changeset 4362 | 0a8849e52e36 |
| parent 4052 | dd17ecf751c3 |
| child 4696 | 96b9957387bf |
| permissions | -rw-r--r-- |
|
4052
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
1 |
Patch origin: in-house |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
2 |
Patch status: will be submitted to upstream |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
3 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
4 |
--- modules/ssl/ssl_private.h |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
5 |
+++ modules/ssl/ssl_private.h |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
6 |
@@ -246,9 +246,9 @@ |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
7 |
#define SSL_PROTOCOL_SSLV3 (1<<1) |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
8 |
#define SSL_PROTOCOL_TLSV1 (1<<2) |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
9 |
#ifdef OPENSSL_NO_SSL2 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
10 |
-#define SSL_MOST_ALL SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
11 |
+#define SSL_MOST_ALL SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
12 |
#else |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
13 |
-#define SSL_MOST_ALL SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
14 |
+#define SSL_MOST_ALL SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
15 |
#endif |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
16 |
#ifdef HAVE_TLSV1_X |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
17 |
#define SSL_PROTOCOL_TLSV1_1 (1<<3) |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
18 |
--- docs/manual/mod/mod_ssl.html.en |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
19 |
+++ docs/manual/mod/mod_ssl.html.en |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
20 |
@@ -1029,8 +1029,8 @@ |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
21 |
<p> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
22 |
This is the Secure Sockets Layer (SSL) protocol, version 3.0, from |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
23 |
the Netscape Corporation. |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
24 |
- It is the successor to SSLv2 and the predecessor to TLSv1. It's supported by |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
25 |
- almost all popular browsers.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
26 |
+ It is the successor to SSLv2 and the predecessor to TLSv1. Though its |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
27 |
+ use has been deprecated, because of weaknesses in the security of the protocol.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
28 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
29 |
<li><code>TLSv1</code> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
30 |
<p> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
31 |
@@ -1050,13 +1050,11 @@ |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
32 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
33 |
<li><code>All</code> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
34 |
<p> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
35 |
- This is a shortcut for ``<code>+SSLv2 +SSLv3 +TLSv1</code>'' or |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
36 |
- - when using OpenSSL 1.0.1 and later - |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
37 |
- ``<code>+SSLv2 +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2</code>'', respectively.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
38 |
+ This is a shortcut for ``<code>+TLSv1 +TLSv1.1 +TLSv1.2</code>''.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
39 |
</ul> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
40 |
<div class="example"><h3>Example</h3><p><code> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
41 |
# enable SSLv3 and all available TLSv1 flavors, but not SSLv2<br /> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
42 |
-SSLProtocol All -SSLv2 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
43 |
+SSLProtocol All +SSLv3 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
44 |
</code></p></div> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
45 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
46 |
</div> |