[patch] more TLS configuration options for nnrpd
Julien ÉLIE
julien at trigofacile.com
Mon Dec 1 21:54:51 UTC 2014
Hi Christian,
>> Reading the OBJ_nid2obj(3) doc, I see that they #include
>> <openssl/objects.h> when using OBJ_nid2sn(). Shouldn't we also add
>> that include in tls.h when HAVE_SSL_ECC is set?
>
> Right, we probably should.
OK, now committed in the 2.5 branch.
> Now I can't find documentation on the return values of
> SSL_CTX_set_tmp_ecdh, and apps/s_server.c in the openssl sources uses
> it without error checking... let's try it and set the 2nd param to
> NULL and see what happens. Nothing. That is, no crash, openssl
> does disable ECDH support but seems to work fine otherwise.
>
> So the question is: should we check for this unlikely case and output
> a warning, or just ignore it?
Let's just ignore it.
--
Julien ÉLIE
« Ils ont refusé une offre de Normand ?!? » (Astérix)
More information about the inn-workers
mailing list