[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-httpd-bugs
Subject: [Bug 57553] mod_ssl_ct causes connection failures when configured 'empty'
From: bugzilla () apache ! org
Date: 2015-02-22 22:30:47
Message-ID: bug-57553-7868-5umF6ccYDw () https ! bz ! apache ! org/bugzilla/
[Download RAW message or body]
https://bz.apache.org/bugzilla/show_bug.cgi?id=57553
Jeff Trawick <trawick@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #4 from Jeff Trawick <trawick@apache.org> ---
This should be fixed now by trunk revision r1661540.
http://svn.apache.org/viewvc?view=revision&revision=1661540
The issue I found was that each vhost would not be using its own module
configuration (i.e., "sconf" in the previous discussion) if the vhost didn't
contain mod_ssl_ct directives. That's an expected core httpd "feature" which
makes sense for almost all modules, but it is a problem here because
mod_ssl_ct's module config needs to also represent the vhost's certificates,
which are not reflected in the mod_ssl_ct configuration. The fix was to create
a vhost-specific sconf when reuse of the global configuration is detected.
The submitter's suggested fix would also accommodate the current requirement,
but I think it is better for each vhost to have its on config in support of
future changes.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic