Am 10.10.2018 um 23:54 schrieb Mark Thomas:
On 10/10/18 22:49, ma...@apache.org wrote:
Author: markt
Date: Wed Oct 10 21:49:55 2018
New Revision: 1843514
URL: http://svn.apache.org/viewvc?rev=1843514&view=rev
Log:
Implement TLS 1.3 support for CLIENT-CERT when the APR/native connector is not configured
with certificateVerification="required" (i.e. the equivalent of server
initiated renegotiation to obtain a client cert)
Modified:
tomcat/native/trunk/native/include/ssl_private.h
tomcat/native/trunk/native/src/sslnetwork.c
There is a large amount of duplication in this commit for the above
file. A C programmer with more skill than me can probably find a simple
way to reduce it.
I hope I have done it without breaking it in r1843645 and r1843651. It
compiles with OpenSSL 1.0.2, 1.1.0 and 1.1.1 and the refactoring isn't
very complex. Do you have an efficient way of testing whether I broke
reneg or PHA?
Thanks and regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
