On 03/02/2010 05:58 PM, jean-frederic clere wrote:
How does that interacts with
http://svn.apache.org/viewvc?rev=881179&view=rev ?
The same way as in mod_ssl
Yes but won't it be possible to allow client initiated renegotiation
with 0.9.8m?
According to the OpenSSL docs:
If the option SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is set then
renegotiation always succeeds.
However mod_ssl adds an envvar so that server (application)
can figure out weather the client supports secure renegotiations.
We also have the handshake callback.
Will have to check all that more deeply. The docs are pretty confusing
and undefined in some areas.
Cheers
--
^TM
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
