https://issues.apache.org/bugzilla/show_bug.cgi?id=53114
Bug #: 53114
Summary: Apache 2.2 / OpenSSL 1.0.1 and SSLProtocol
Product: Apache httpd-2
Version: 2.2.22
Platform: PC
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
I was a bit surprised when "openssl s_client" showed me a protocol version of
TLSv1.2 when connecting to my freshly compiled Apache instance using OpenSSL
1.0.1. Somehow after reading the changelog of 2.4 it was my impression that
there were additional server changes necessary...
Anyway, I don't know if a backport of the new OpenSSL features from 2.4 to 2.2
is planned or already in the pipe - if not, attached is a patch to control the
new protocol version, as it is currently not possible to disable them if
required.
Note that just the parts relevant for the config parser were taken from 2.4, no
further functionality was backported.
Please check.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
