Hello OpenSSL Org: This is a change that Akamai has made to its implementation of OpenSSL.
Version: master branch

Description: Patch/Feature to add asynchronous processing for some operations

This change rebrands SSL_ERROR_WANT_X509_LOOKUP to be SSL_ERROR_WANT_EVENT, making an event type to wait for visible in SSL->rwstate and letting TLS_SRP have its own event type instead of piggybacking on SSL_X509_LOOKUP. This also adds events for decryption of client key exchange response, generating client certificate verify message and signing of server key exchange message. These are typically long-duration RSA operations.

The events are:

# define SSL_MIN_EVENT 1000
/* client is deciding which cert to present - doesn't follow MIN */
# define SSL_EVENT_X509_LOOKUP SSL_X509_LOOKUP
/* server is processing TLS SRP client hello */
# define SSL_EVENT_SRP_CLIENTHELLO 1000
/* server is waiting for decryption of key */
# define SSL_EVENT_KEY_EXCH_DECRYPT_DONE 1001
/* client is waiting for cert verify setup */
# define SSL_EVENT_SETUP_CERT_VRFY_DONE 1002
/* server is signing the message for key exchange */

New APIs:

void SSL_CTX_set_schedule_task_cb(SSL_CTX *ctx, SSL_schedule_task_cb cb);
int SSL_signal_event(const SSL *ssl, int event, int retcode);
int SSL_signal_event_err(const SSL *ssl, int event, int func, int reason, const char *file, int line);
int SSL_want_event(const SSL *ssl);

Github link: https://github.com/akamai/openssl/commit/e4fa5107524bb5e6e4c79953d436b7e59ee6c5e2

And attachment.

Thank you.

--
-Todd Short
// [email protected]
// "One if by land, two if by sea, three if by the Internet."
0004-Rebranding-of-SSL_ERROR_WANT_X509_LOOKUP-as-SSL_ERRO.patch
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
