link on openssl 1.1.1 API doc:
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_early_cb.html
NOTES
[…]
"It is also recommended that applications utilize an early callback and not use
a servername callback, in order to avoid unexpected behavior that occurs due to
the relative order of
Hi Emeric, Christopher
If you can review when you have time. (3) for Christopher.
This patches allows to support native multicert selection (RSA/ECDSA) and
ssl-min-ver/ ssl-max-ver per certificat with openssl 1.1.1 (boringssl is the
only
one to support this until this patch).
patches:
1)
Hi Thierry,
On 09/01/2017 06:07 PM, Emmanuel Hocdet wrote:
> Hi Thierry,
>
> This patch is related to « Capturing browser TLS cipher suites » thread.
> I think it will be match the initial need but without internal ssl structure
> usage and.
> work with openssl 1.0.2 to 1.1.1 and boringssl.
>
On 08/09/2017 07:07 PM, Emmanuel Hocdet wrote:
> Hi Willy,
>
> Patch is not related to openssl version x. It’s a internal structure cleanup.
> I don’t label it as CLEANUP because it remove a potential source of errors
> (this is debatable).
> If you can consider it.
>
> Thanks.
> Manu
>
>
>
Hi all,
Finally I reworked my previous patch. This one should fix the bug,
without side effect (AFAIK). It fixes slowdowns experienced on 1.7.9 for
HTTP responses with undefined body length when the compression is enabled.
--
Christopher Faulet
>From c42035858a58786c296ae3cf3c2420e4fe82aad0
Hi Aleksandar Lazic,
Aleksandar Lazic wrote on 04.09.2017:
> Hi,
> Have anyone seen KTLS also?
> https://lwn.net/Articles/666509/
> https://netdevconf.org/1.2/papers/ktls.pdf
> looks pretty interesting.
In the slides is haproxy mentioned ;-)
https://github.com/ktls/af_ktls
=> Feb 5th
Hi,
Have anyone seen KTLS also?
https://lwn.net/Articles/666509/
https://netdevconf.org/1.2/papers/ktls.pdf
looks pretty interesting.
--
Best Regards
Aleks
7 matches
Mail list logo
