[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [Libevent-users] the best practice of disabling openssl client renegotiation in libevent2?
- To: libevent-users@xxxxxxxxxxxxx
- Subject: Re: [Libevent-users] the best practice of disabling openssl client renegotiation in libevent2?
- From: Azat Khuzhin <a3at.mail@xxxxxxxxx>
- Date: Wed, 27 Sep 2017 01:14:05 +0300
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: libevent-users-outgoing@xxxxxxxx
- Delivered-to: libevent-users@xxxxxxxx
- Delivery-date: Tue, 26 Sep 2017 18:14:09 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=iIzs9aDuhZNBbE6orKwt3ge5M4XwodLXhzHap7x86yE=; b=OF7Gy9k9IfHxM5DbDcaYLmi1Arkg9HsSvp82A/ZpU3E8kxOKkTJ2SzpjgGP8Jg4GGY 5RwEm4YZiQAvfoE6jbRbQpo71dPHjxfUkXIuQGXs2SGL6t6qAAeqJeLplyB78xR2n+0J Z1mJPgHzW0J1qICcNKy8w0dCb5Pbn/XMxep8aV8Bk7uwtSSnG5Pfb5F/R/8+zPOVDwcQ tQhaFAhkhxvbGq9sX1CwPhFrKCSCgUUOnumpPY8MBbNCzkULTa6sl9RZX9OiCRKLc+Pr n0NiEUiG3yID2OgqwUNX5CTuuKb0WZhS3V3OoqEBOmWaCum64dp/LilDu7X1LC5OB1Jx 5qHg==
- In-reply-to: <CAEZJ=XoK=pcHidk9q0WPi5oXjwG282G60CHkDBWFYLb9z1TNyA@mail.gmail.com>
- References: <CAEZJ=XoK=pcHidk9q0WPi5oXjwG282G60CHkDBWFYLb9z1TNyA@mail.gmail.com>
- Reply-to: libevent-users@xxxxxxxxxxxxx
- Sender: owner-libevent-users@xxxxxxxxxxxxx
On Thu, Aug 17, 2017 at 10:03 AM, Zhuang Yuyao <mlistz@xxxxxxxxx> wrote:
> hi,
>
> disabling ssl client renegotiation in libevent2 seems quite troublesome and
> inconvenient, the only examples I can find are these following patches:
>
> https://github.com/tatsuhiro-t/spdylay/commit/1509c901b6d24affcfc0ec15243085bfc77c1d7b
> https://github.com/tatsuhiro-t/spdylay/commit/0d2311153fb2b9059a7c8e36de9ab1031580d6f2
>
> using filter/underlying bufferevent causes a lot modifications in source
> code such as special calculation of evbuffer length, extra code to handle
> raw input, which destroyed the elegance of codes.
>
> so I'm wondering what is the best practice of disabling openssl client
> renegotiation in libevent2? presume the source code of libevent2 can be
> modified and the binary compatible is not an issue.
Hi,
Well there is no "best practice" since you as the first who asked this.
You can add SSL_CTX_set_info_callback() in bufferevent_openssl.c and
just init EOF (like on conn_closed()) once you receive
SSL_CB_HANDSHAKE_START
(though I don't see how tls_raw_readcb() helps in the second patch)
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users in the body.