# HG changeset patch
# User Maxim Dounin
# Date 1741457467 -10800
# Sat Mar 08 21:11:07 2025 +0300
# Node ID 094e0ea330f5416750aa663647f60462a0c4b0cf
# Parent 4dc9fb4dd95248df980aefbf946b4f299dcae00f
SSL: added additional verify context check for OpenSSL.
When using TLSv1.3, OpenSSL 1.1.1e+
# HG changeset patch
# User Maxim Dounin
# Date 1741458004 -10800
# Sat Mar 08 21:20:04 2025 +0300
# Node ID a23ab99972ae28e2bd2ce9badfaa2e52c6a03e24
# Parent 00307a7f3cadcc3a1eb4f9446e779e8a093657c4
Tests: tests for SSL verification context checks.
diff --git a/ssl_verify_context.t b/ssl_v
# HG changeset patch
# User Maxim Dounin
# Date 1741455881 -10800
# Sat Mar 08 20:44:41 2025 +0300
# Node ID 4dc9fb4dd95248df980aefbf946b4f299dcae00f
# Parent 48cff1a93a0e8ed50699e9201a805d5e14aab84d
SSL: reworked restriction on hosts other than negotiated.
Following 5095:4fbef397c753, atte
# HG changeset patch
# User Maxim Dounin
# Date 1741442050 -10800
# Sat Mar 08 16:54:10 2025 +0300
# Node ID 48cff1a93a0e8ed50699e9201a805d5e14aab84d
# Parent 1996ea0bc55d2bc950297f9d7990a5b07948f5e2
SSL: added trusted certificates into session id context.
This ensures that sessions cannot
Hello!
The following patch series somewhat improves checking of the SSL context
where the client certificate was verified.
Notably:
- Session ID context now includes trusted certificates list, so a
session cannot be restored in a server block with different trusted
certificates list (even if