rpms / httpd

Clone
Source Code
GIT

Blame SOURCES/httpd-2.4.37-CVE-2019-0215.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-2.4 c8-sig-artwork c8-stream-2.4 c8s-stream-2.4 c9 c9-beta
  1.   fa04996bf6dac739da13b802455f77bac86d8b87
  2.   SOURCES
  3.   httpd-2.4.37-CVE-2019-0215.patch
Blob History Raw
bdaebd 
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
bdaebd 
index de0ffb0..e6a9f67 100644
bdaebd 
--- a/modules/ssl/ssl_engine_kernel.c
bdaebd 
+++ b/modules/ssl/ssl_engine_kernel.c
bdaebd 
@@ -1154,6 +1154,7 @@ static int ssl_hook_Access_modern(request_rec *r, SSLSrvConfigRec *sc, SSLDirCon
bdaebd 
                 ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);
bdaebd 
                 apr_table_setn(r->notes, "error-notes",
bdaebd 
                                "Reason: Cannot perform Post-Handshake Authentication.
");
bdaebd 
+                SSL_set_verify(ssl, vmode_inplace, NULL);
bdaebd 
                 return HTTP_FORBIDDEN;
bdaebd 
             }
bdaebd
bdaebd 
@@ -1175,6 +1176,7 @@ static int ssl_hook_Access_modern(request_rec *r, SSLSrvConfigRec *sc, SSLDirCon
bdaebd 
              * Finally check for acceptable renegotiation results
bdaebd 
              */
bdaebd 
             if (OK != (rc = ssl_check_post_client_verify(r, sc, dc, sslconn, ssl))) {
bdaebd 
+                SSL_set_verify(ssl, vmode_inplace, NULL);
bdaebd 
                 return rc;
bdaebd 
             }
bdaebd 
         }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation