1. 22 2月, 2001 3 次提交
    • G
      This adds command-line support to s_server for controlling the generation · 1aa0d947
      Geoff Thorpe 提交于
      of session IDs. Namely, passing "-id_prefix <text>" will set a
      generate_session_id() callback that generates session IDs as random data
      with <text> block-copied over the top of the start of the ID. This can be
      viewed by watching the session ID s_client's output when it connects.
      
      This is mostly useful for testing any SSL/TLS code (eg. proxies) that wish
      to deal with multiple servers, when each of which might be generating a
      unique range of session IDs (eg. with a certain prefix).
      1aa0d947
    • G
      This change allows a callback to be used to override the generation of · dc644fe2
      Geoff Thorpe 提交于
      SSL/TLS session IDs in a server. According to RFC2246, the session ID is an
      arbitrary value chosen by the server. It can be useful to have some control
      over this "arbitrary value" so as to choose it in ways that can aid in
      things like external session caching and balancing (eg. clustering). The
      default session ID generation is to fill the ID with random data.
      
      The callback used by default is built in to ssl_sess.c, but registering a
      callback in an SSL_CTX or in a particular SSL overrides this. BTW: SSL
      callbacks will override SSL_CTX callbacks, and a new SSL structure inherits
      any callback set in its 'parent' SSL_CTX. The header comments describe how
      this mechanism ticks, and source code comments describe (hopefully) why it
      ticks the way it does.
      
      Man pages are on the way ...
      
      [NB: Lutz was also hacking away and helping me to figure out how best to do
      this.]
      dc644fe2
    • G
      'make update' · 47ddf355
      Geoff Thorpe 提交于
      47ddf355
  2. 21 2月, 2001 10 次提交
  3. 20 2月, 2001 27 次提交