I'm happy to announce that I tagged and released mod_nss 1.0.12 today. The changes include:
* Add support for Server Name Indication (SNI) (#1010751) * Add support for SNI for reverse proxy connections * Add RenegBufferSize option * Add support for TLS Session Tickets (RFC 5077) * Fix logical AND support in OpenSSL cipher compatibility * Correctly handle disabled ciphers (CVE-2015-5244) * Implement a slew more OpenSSL cipher macros including kRSA, aRSA, EDH, ECDH, kECDHe, kECDHr, kEECDH, aECDH, aNULL, AESGCM, AES128, AES256, CAMELLIA, CAMELLIA128, CAMELLIA256, ECDH, kECDH, AECDH, ECDSA and aECDSA. * Fix a number of illegal memory accesses and memory leaks * Support for SHA384 ciphers if they are available in the version of NSS mod_nss is built against * Add the SECURE_RENEG environment variable * Add some hints when NSS database cannot be initialized * Fix compatibility with RHEL 6.x (Apache 2.2.x and NSS 3.15.1) * Code cleanup including trailing whitespace and compiler warnings * Modernize autotools configuration slightly, add config.h * Add small test suite for SNI Source can be downloaded from https://fedorahosted.org/released/mod_nss/mod_nss-1.0.12.tar.gz rob _______________________________________________ Mod_nss-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/mod_nss-list
