From: markt Date: Tue, 10 Nov 2009 15:43:17 +0000 (+0000) Subject: Document allowUnsafeLegacyRenegotiation X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=abd129ba80667c780c94bde81a7bbe5fe35cc39a;p=tomcat7.0 Document allowUnsafeLegacyRenegotiation git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@834510 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml index d20865dfd..e7ed38c37 100644 --- a/webapps/docs/config/http.xml +++ b/webapps/docs/config/http.xml @@ -789,6 +789,13 @@ certificates.

+ +

Is unsafe legacy TLS renegotiation allowed which is likely to expose + users to CVE-2009-3555, a man-in-the-middle vulnerability in the TLS + protocol that allows an attacker to inject arbitrary data into the user's + request. If not specified, a default of false is used.

+
+

For more information, see the
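Review bot: the added description of allowUnsafeLegacyRenegotiation is worded as a question ("Is unsafe legacy TLS renegotiation allowed which is likely to expose users to CVE-2009-3555"), so it never states which value is the risky one. Suggest rewriting it as a statement: setting the attribute to true permits unsafe legacy renegotiation and is likely to expose users to CVE-2009-3555, followed by the existing sentence about the default of false. The added text also does not say which connector implementations honour the attribute, which a reader of http.xml would want to know before relying on the default.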