Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 0594211987351eaf521577b798a3a461b043710c
commit0594211987351eaf521577b798a3a461b043710c[log] [tgz]
authorEmmanuel Hocdet <manu@gandi.net>Mon Feb 20 16:11:50 2017 +0100
committerWilly Tarreau <w@1wt.eu>Thu Mar 02 18:31:05 2017 +0100
tree86bdaf89329ce7e93d644a26561a3ef58c83fece
parent19b1412e021451d4c7ac39750b556efaaf8639bf [diff]
MEDIUM: boringssl: support native multi-cert selection without bundling

This patch used boringssl's callback to analyse CLientHello before any
handshake to extract key signature capabilities.
Certificat with better signature (ECDSA before RSA) is choosed
transparenty, if client can support it. RSA and ECDSA certificates can
be declare in a row (without order). This makes it possible to set
different ssl and filter parameter with crt-list.
3 files changed
tree: 86bdaf89329ce7e93d644a26561a3ef58c83fece
  1. contrib/
  2. doc/
  3. ebtree/
  4. examples/
  5. include/
  6. scripts/
  7. src/
  8. tests/
  9. .gitignore
  10. CHANGELOG
  11. CONTRIBUTING
  12. LICENSE
  13. MAINTAINERS
  14. Makefile
  15. README
  16. ROADMAP
  17. SUBVERS
  18. VERDATE
  19. VERSION