Date: Mon, 07 Dec 2009 20:23:49 +0200 From: Toomas Aas <toomas.aas@raad.tartu.ee> To: questions@freebsd.org Subject: Re: SA-09-15 vs Apache with client certificates Message-ID: <4B1D4835.6070502@raad.tartu.ee> In-Reply-To: <4B17F284.3000602@raad.tartu.ee> References: <4B17F284.3000602@raad.tartu.ee>
next in thread | previous in thread | raw e-mail | index | archive | help
Toomas Aas wrote: > > Do I understand the "NOTE WELL" section of FreeBSD-SA-09:15 correctly > that if I apply the patch then this functionality will no longer work? > Testing confims that my understanding is correct. I applied the patch and authentication results in "ssl_error_handshake_failure_alert" returned by Firefox, whereas the server logs "Re-negotiation handshake failed: Not accepted by client!?". So I quickly reversed the patch. I'm surprised more people aren't getting bitten by this. -- Toomas Aas ... If you think nobody cares about you, try missing a couple of payments.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B1D4835.6070502>