commit | 0594211987351eaf521577b798a3a461b043710c | [log] [tgz] |
---|---|---|
author | Emmanuel Hocdet <manu@gandi.net> | Mon Feb 20 16:11:50 2017 +0100 |
committer | Willy Tarreau <w@1wt.eu> | Thu Mar 02 18:31:05 2017 +0100 |
tree | 86bdaf89329ce7e93d644a26561a3ef58c83fece | |
parent | 19b1412e021451d4c7ac39750b556efaaf8639bf [diff] |
MEDIUM: boringssl: support native multi-cert selection without bundling This patch used boringssl's callback to analyse CLientHello before any handshake to extract key signature capabilities. Certificat with better signature (ECDSA before RSA) is choosed transparenty, if client can support it. RSA and ECDSA certificates can be declare in a row (without order). This makes it possible to set different ssl and filter parameter with crt-list.