[Bug 57100] New: "SSLProtocol ALL" is ignored for virtual hosts

bugzilla Thu, 16 Oct 2014 03:16:26 -0700

https://issues.apache.org/bugzilla/show_bug.cgi?id=57100


            Bug ID: 57100
           Summary: "SSLProtocol ALL" is ignored for virtual hosts
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: [email protected]
          Reporter: [email protected]

It is not possible to set "SSLProtocol ALL" for a virtual host. The setting is
ignored.

Example:
* global setting: SSLProtocol ALL -SSLv3
* virtual host setting: SSLProtocol ALL

The virtual host's setting is ignored and SSLv3 is disabled for the virtual
host.


The bug is in ssl_engine_config.c (modssl_ctx_cfg_merge):

===
#define cfgMerge(el,unset)  mrg->el = (add->el == (unset)) ? base->el : add->el
...
cfgMerge(protocol, SSL_PROTOCOL_ALL);
===

=> the value "SSL_PROTOCOL_ALL" is treated as "undefined" and the global
setting is used instead.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 57100] New: "SSLProtocol ALL" is ignored for virtual hosts

Reply via email to