Just pulling up some commits:
mod_ssl: Correctly merge configurations that have client certificates… https://github.com/apache/httpd/commit/c4db6aaf8eabc2cc9849900b08ba4ccd2228da12
mod_ssl: We need to get the SSL_CTX for further processing https://github.com/apache/httpd/commit/5b0b68bdfd5a9ac5def45402723d32c5bd39cd8f
Maybe interesting:
Disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication. https://github.com/apache/httpd/commit/bbedd8b80e50647e09f2937455cc57565d94a844
Fail with 403 if SSL_verify_client_post_handshake() fails, e.g. when the TLS/1.3 client didn't send the Post-Handshake Authentication extension. https://github.com/apache/httpd/commit/557b8d1769dc4a207641d313e20fc3e68fd4705d
The big one, but more about TLSv1.3 than openssl 1.1.1 mod_ssl: add experimental support for TLSv1.3 https://github.com/apache/httpd/commit/d5943f3e6a0fba6aada7cb90ab6a7f42081be308
Just pulling up some commits:
mod_ssl: Correctly merge configurations that have client certificates… /github. com/apache/ httpd/commit/ c4db6aaf8eabc2c c9849900b08ba4c cd2228da12
https:/
mod_ssl: We need to get the SSL_CTX for further processing /github. com/apache/ httpd/commit/ 5b0b68bdfd5a9ac 5def45402723d32 c5bd39cd8f
https:/
Maybe interesting:
Disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication. /github. com/apache/ httpd/commit/ bbedd8b80e50647 e09f2937455cc57 565d94a844
https:/
Fail with 403 if SSL_verify_ client_ post_handshake( ) fails, e.g. when the TLS/1.3 client didn't send the Post-Handshake Authentication extension. /github. com/apache/ httpd/commit/ 557b8d1769dc4a2 07641d313e20fc3 e68fd4705d
https:/
The big one, but more about TLSv1.3 than openssl 1.1.1 /github. com/apache/ httpd/commit/ d5943f3e6a0fba6 aada7cb90ab6a7f 42081be308
mod_ssl: add experimental support for TLSv1.3
https:/