On Thu, Aug 17, 2017 at 10:03 AM, Zhuang Yuyao <[email protected]> wrote: > hi, > > disabling ssl client renegotiation in libevent2 seems quite troublesome and > inconvenient, the only examples I can find are these following patches: > > https://github.com/tatsuhiro-t/spdylay/commit/1509c901b6d24affcfc0ec15243085bfc77c1d7b > https://github.com/tatsuhiro-t/spdylay/commit/0d2311153fb2b9059a7c8e36de9ab1031580d6f2 > > using filter/underlying bufferevent causes a lot modifications in source > code such as special calculation of evbuffer length, extra code to handle > raw input, which destroyed the elegance of codes. > > so I'm wondering what is the best practice of disabling openssl client > renegotiation in libevent2? presume the source code of libevent2 can be > modified and the binary compatible is not an issue.
Hi, Well there is no "best practice" since you as the first who asked this. You can add SSL_CTX_set_info_callback() in bufferevent_openssl.c and just init EOF (like on conn_closed()) once you receive SSL_CB_HANDSHAKE_START (though I don't see how tls_raw_readcb() helps in the second patch) *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe libevent-users in the body.
