1. 22 2月, 2001 7 次提交
    • R
      Include e_os2.h instead of opensslconf.h. · 65a87c7d
      Richard Levitte 提交于
      SSL_add_dir_cert_subjects_to_stack is not implemented on WIN32 and
      VMS, so declare it the same way.
      65a87c7d
    • D
      · 72e3c20c
      Dr. Stephen Henson 提交于
      Rebuild ASN1 error codes to remove unused function and reason codes.
      72e3c20c
    • G
      If a callback is generating a new session ID for SSLv2, then upon exiting, · ec0f1959
      Geoff Thorpe 提交于
      the ID will be padded out to 16 bytes if the callback attempted to generate
      a shorter one. The problem is that the uniqueness checking function used in
      callbacks may mistakenly think a 9-byte ID is unique when in fact its
      padded 16-byte version is not. This makes the checking function detect
      SSLv2 cases, and ensures the padded form is checked rather than the shorter
      one passed by the callback.
      ec0f1959
    • G
      fa2b8db4
    • G
      This adds command-line support to s_server for controlling the generation · 1aa0d947
      Geoff Thorpe 提交于
      of session IDs. Namely, passing "-id_prefix <text>" will set a
      generate_session_id() callback that generates session IDs as random data
      with <text> block-copied over the top of the start of the ID. This can be
      viewed by watching the session ID s_client's output when it connects.
      
      This is mostly useful for testing any SSL/TLS code (eg. proxies) that wish
      to deal with multiple servers, when each of which might be generating a
      unique range of session IDs (eg. with a certain prefix).
      1aa0d947
    • G
      This change allows a callback to be used to override the generation of · dc644fe2
      Geoff Thorpe 提交于
      SSL/TLS session IDs in a server. According to RFC2246, the session ID is an
      arbitrary value chosen by the server. It can be useful to have some control
      over this "arbitrary value" so as to choose it in ways that can aid in
      things like external session caching and balancing (eg. clustering). The
      default session ID generation is to fill the ID with random data.
      
      The callback used by default is built in to ssl_sess.c, but registering a
      callback in an SSL_CTX or in a particular SSL overrides this. BTW: SSL
      callbacks will override SSL_CTX callbacks, and a new SSL structure inherits
      any callback set in its 'parent' SSL_CTX. The header comments describe how
      this mechanism ticks, and source code comments describe (hopefully) why it
      ticks the way it does.
      
      Man pages are on the way ...
      
      [NB: Lutz was also hacking away and helping me to figure out how best to do
      this.]
      dc644fe2
    • G
      'make update' · 47ddf355
      Geoff Thorpe 提交于
      47ddf355
  2. 21 2月, 2001 10 次提交
  3. 20 2月, 2001 23 次提交