Ralf S. Engelschall schrieb:
>
> Ok, here is take 3 and my cleaned up and finally proposed patch which solves
> the POST problems by pre-sucking pending input data from the SSL/TLS I/O layer
> and re-injecting them after the renegotiation phase into the Apache I/O layer.
I don't want to blow away your work, but this seems to me
the wrong solution! Is it really okay, if a renegotiation
was initiated because of missing cipher strength, client
cert whatever to accept the data sent under other
conditions? What happens if renegotiation fails completely?
If client doesn't present a cert for example?
--
Holger Reif Tel.: +49 361 74707-0
SmartRing GmbH Fax.: +49 361 7470720
Europaplatz 5 [EMAIL PROTECTED]
D-99091 Erfurt WWW.SmartRing.de
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
