Hi again,

On Mon, 24 Sep 2007 02:32:13 pm Mr Allwyn Fernandes wrote:
> While I usually hold off on sending in patches until they are complete with
> documentation and fully tested, this one has been a Wishlist item for
> Mathopd for a while, so I thought I'd send it through for anyone to play
> with...
> It is a preliminary patch for TLSv1/SSLv3 support for Mathopd 1.5p6, 

I've updated this patch, and it's somewhat better now:

 * Can now use either GnuTLS or OpenSSL as your TLS library.

 * TLS now works even if *_SENDFILE is defined. Sendfile is used for non-TLS 
sockets, while traditional IO is used for TLS sockets.

 * There's some documentation for the TLS configuration options. See 
config.txt and tls.txt.

OpenSSL support works, and is functional. OpenSSL CRL support is NOT 
implemented, because I can't figure out how to make it work yet. 

GnuTLS support works, and is functional. GnuTLS CRL support is implemented.

Please, please specify a DH Params file if you're doing repeated testing. DH 
params generation at startup can take a long time otherwise... 

Patch: http://opensource.stobor.net/mathopd/tls.1.5p6.diff (or see attached).

As usual, apply using: 

/tmp/mathopd-1.5p6$ gunzip tls.1.5p6.diff.gz | patch -p1

Further details will follow at http://opensource.stobor.net/mathopd/#TLS

As always, if you have any problems, questions or comments, please don't 
hesitate to get back to me.



Allwyn Fernandes
Stobor Pty Ltd

Mobile: + 61 430 436 758
LinkedIn: http://www.linkedin.com/in/AllwynFernandes

Attachment: tls.1.5p6.diff.gz
Description: GNU Zip compressed data

Reply via email to