| author | April Chin <april.chin@oracle.com> |
| Fri, 31 Jul 2015 13:11:47 -0700 | |
| changeset 4727 | 3ef0841967f5 |
| parent 4696 | 96b9957387bf |
| permissions | -rw-r--r-- |
|
4052
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
1 |
Patch origin: in-house |
|
4696
96b9957387bf
21479636 Upgrade Apache Web Server to version 2.2.31
Petr Sumbera <petr.sumbera@oracle.com>
parents:
4052
diff
changeset
|
2 |
Patch status: unclear; so far they disable it just in configuration file |
|
96b9957387bf
21479636 Upgrade Apache Web Server to version 2.2.31
Petr Sumbera <petr.sumbera@oracle.com>
parents:
4052
diff
changeset
|
3 |
|
|
96b9957387bf
21479636 Upgrade Apache Web Server to version 2.2.31
Petr Sumbera <petr.sumbera@oracle.com>
parents:
4052
diff
changeset
|
4 |
https://bz.apache.org/bugzilla/show_bug.cgi?id=57120 |
|
4052
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
5 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
6 |
--- modules/ssl/ssl_private.h |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
7 |
+++ modules/ssl/ssl_private.h |
|
4696
96b9957387bf
21479636 Upgrade Apache Web Server to version 2.2.31
Petr Sumbera <petr.sumbera@oracle.com>
parents:
4052
diff
changeset
|
8 |
@@ -244,9 +244,9 @@ |
|
4052
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
9 |
#define SSL_PROTOCOL_SSLV3 (1<<1) |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
10 |
#define SSL_PROTOCOL_TLSV1 (1<<2) |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
11 |
#ifdef OPENSSL_NO_SSL2 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
12 |
-#define SSL_MOST_ALL SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
13 |
+#define SSL_MOST_ALL SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
14 |
#else |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
15 |
-#define SSL_MOST_ALL SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
16 |
+#define SSL_MOST_ALL SSL_PROTOCOL_TLSV1 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
17 |
#endif |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
18 |
#ifdef HAVE_TLSV1_X |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
19 |
#define SSL_PROTOCOL_TLSV1_1 (1<<3) |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
20 |
--- docs/manual/mod/mod_ssl.html.en |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
21 |
+++ docs/manual/mod/mod_ssl.html.en |
|
4696
96b9957387bf
21479636 Upgrade Apache Web Server to version 2.2.31
Petr Sumbera <petr.sumbera@oracle.com>
parents:
4052
diff
changeset
|
22 |
@@ -1082,8 +1082,8 @@ |
|
4052
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
23 |
<p> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
24 |
This is the Secure Sockets Layer (SSL) protocol, version 3.0, from |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
25 |
the Netscape Corporation. |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
26 |
- It is the successor to SSLv2 and the predecessor to TLSv1. It's supported by |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
27 |
- almost all popular browsers.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
28 |
+ It is the successor to SSLv2 and the predecessor to TLSv1. Though its |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
29 |
+ use has been deprecated, because of weaknesses in the security of the protocol.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
30 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
31 |
<li><code>TLSv1</code> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
32 |
<p> |
|
4696
96b9957387bf
21479636 Upgrade Apache Web Server to version 2.2.31
Petr Sumbera <petr.sumbera@oracle.com>
parents:
4052
diff
changeset
|
33 |
@@ -1103,13 +1103,11 @@ |
|
4052
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
34 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
35 |
<li><code>All</code> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
36 |
<p> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
37 |
- This is a shortcut for ``<code>+SSLv2 +SSLv3 +TLSv1</code>'' or |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
38 |
- - when using OpenSSL 1.0.1 and later - |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
39 |
- ``<code>+SSLv2 +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2</code>'', respectively.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
40 |
+ This is a shortcut for ``<code>+TLSv1 +TLSv1.1 +TLSv1.2</code>''.</p></li> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
41 |
</ul> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
42 |
<div class="example"><h3>Example</h3><p><code> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
43 |
# enable SSLv3 and all available TLSv1 flavors, but not SSLv2<br /> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
44 |
-SSLProtocol All -SSLv2 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
45 |
+SSLProtocol All +SSLv3 |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
46 |
</code></p></div> |
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
47 |
|
|
dd17ecf751c3
20813188 problem in UTILITY/APACHE
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
48 |
</div> |