diff options
| author | Joe Orton <jorton@apache.org> | 2024-10-16 13:41:52 +0200 |
|---|---|---|
| committer | Joe Orton <jorton@apache.org> | 2024-10-16 13:41:52 +0200 |
| commit | 50df6c8cc0dfeabd659b79e152fc7dd84855ed89 (patch) | |
| tree | 22c8327d792f21e056f659e56922b36a6e5ce1a4 | |
| parent | mod_ssl: Disallow SSLOpenSSLConfCmd within vhost context since it (diff) | |
| download | apache2-50df6c8cc0dfeabd659b79e152fc7dd84855ed89.tar.xz apache2-50df6c8cc0dfeabd659b79e152fc7dd84855ed89.zip | |
Revert r1921336.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921357 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | changes-entries/pr69397.txt | 2 | ||||
| -rw-r--r-- | docs/manual/mod/mod_ssl.xml | 3 | ||||
| -rw-r--r-- | modules/ssl/ssl_engine_config.c | 4 |
3 files changed, 2 insertions, 7 deletions
diff --git a/changes-entries/pr69397.txt b/changes-entries/pr69397.txt deleted file mode 100644 index 32ae57e1f2..0000000000 --- a/changes-entries/pr69397.txt +++ /dev/null @@ -1,2 +0,0 @@ - *) mod_ssl: Disallow use of "SSLOpenSSLConfCmd" in <VirtualHost> - context. PR 69397. [Joe Orton] diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index 3bc2063da8..b28ec9df4b 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -2935,7 +2935,8 @@ forward secrecy.</p> <name>SSLOpenSSLConfCmd</name> <description>Configure OpenSSL parameters through its <em>SSL_CONF</em> API</description> <syntax>SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></syntax> -<contextlist><context>server config</context></contextlist> +<contextlist><context>server config</context> +<context>virtual host</context></contextlist> <compatibility>Available in httpd 2.4.8 and later, if using OpenSSL 1.0.2 or later</compatibility> <usage> diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c index a9e98b9c5b..43593d799c 100644 --- a/modules/ssl/ssl_engine_config.c +++ b/modules/ssl/ssl_engine_config.c @@ -2162,10 +2162,6 @@ const char *ssl_cmd_SSLOpenSSLConfCmd(cmd_parms *cmd, void *dcfg, const char *err; ssl_ctx_param_t *param; - if ((err = ap_check_cmd_context(cmd, GLOBAL_ONLY))) { - return err; - } - if (value_type == SSL_CONF_TYPE_UNKNOWN) { return apr_psprintf(cmd->pool, "'%s': invalid OpenSSL configuration command", |