subject:"server side renegotiation"

server side renegotiation

2010-04-15 Thread Adam Grossman

hello,

i had my code running on 0.9.8e without any issues.  i upgraded to
0.9.8n, and now when my server initiates a renegotiation with the client
(which is either IE or Firefox), SSL_renegotiation returns a 0.  i
understand from the CHANGELOG the it was not allowed until 0.9.8m, but
this line confuses me:

Re-enable renegotiation but require the extension as needed.

i do not know what it means require extensions.  Short of setting
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION , what do i need to do to
have renegotiations work again?

thanks for the patience and hand holding,
-=- adam grossman

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: server side renegotiation

2010-04-15 Thread William A. Rowe Jr.

On 4/15/2010 12:42 PM, Adam Grossman wrote:
 hello,
 
 i had my code running on 0.9.8e without any issues.  i upgraded to
 0.9.8n, and now when my server initiates a renegotiation with the client
 (which is either IE or Firefox), SSL_renegotiation returns a 0.  i
 understand from the CHANGELOG the it was not allowed until 0.9.8m, but
 this line confuses me:
 
 Re-enable renegotiation but require the extension as needed.
 
 i do not know what it means require extensions.  Short of setting
 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION , what do i need to do to
 have renegotiations work again?

Upgrade the client to support the new negotiation API.  As usual, clients
were lagging for some server implementations to validate against.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

server side renegotiation

Re: server side renegotiation

2 matches

Site Navigation

Mail list logo

Footer information