Am 12.10.2018 um 14:15 schrieb Rémy Maucherat:
On Fri, Oct 12, 2018 at 1:11 PM Rainer Jung <rainer.j...@kippdata.de> wrote:
Am 10.10.2018 um 23:54 schrieb Mark Thomas:
On 10/10/18 22:49, ma...@apache.org wrote:
Author: markt
Date: Wed Oct 10 21:49:55 2018
New Revision: 1843514
URL: http://svn.apache.org/viewvc?rev=1843514&view=rev
Log:
Implement TLS 1.3 support for CLIENT-CERT when the APR/native connector
is not configured with certificateVerification="required" (i.e. the
equivalent of server initiated renegotiation to obtain a client cert)
Modified:
tomcat/native/trunk/native/include/ssl_private.h
tomcat/native/trunk/native/src/sslnetwork.c
There is a large amount of duplication in this commit for the above
file. A C programmer with more skill than me can probably find a simple
way to reduce it.
I hope I have done it without breaking it in r1843645 and r1843651. It
compiles with OpenSSL 1.0.2, 1.1.0 and 1.1.1 and the refactoring isn't
very complex. Do you have an efficient way of testing whether I broke
reneg or PHA?
Nice, no more warnings for me, and it still builds with my obsolete OpenSSL
1.1.0.
Thanks for confirming, much appreciated!
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
