K 10
svn:author
V 7
clement
K 8
svn:date
V 27
2004-10-13T09:17:38.000000Z
K 7
svn:log
V 418
- Yet Another Security Fix
  Fix CAN-2004-0885:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
  correct cipher suite has been negotiated, else deny access.

  * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
  0.9.7, prevent session resumption during a renegotiation to force the
  client to negotiate a new (and acceptable) cipher suite.

Credits:	Hartmut Keil, Joe Orton

END