Branch: Tag:

2014-05-13

2014-05-13 16:35:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Pike 8.0: Take advantage of the improved SSL support.

Adds support for having multiple certificates for a single port,
and for having password-protected private keys.

NB: Support for SNI will require more changes. This only adds support
for having multiple certificates of different types.

230: Inside #if constant(SSL.ServerConnection)
  #if constant(SSL.ServerConnection)    // Pike 8.0 and later has much more advanced support for SSL/TLS.    +  defvar( "ssl_password", +  Variable.String("", 0, LOCALE(0, "SSL decryption password"), +  LOCALE(0, "Optional password to decrypt the " +  "SSL key file(s)."))); +     // 112 bits is the maximum strength to still retain the    // DES-3 suites, which are required in the TLS standards.    defvar("ssl_key_bits",    Variable.Int(112, 0, -  LOCALE(0, "Cipher suite minimum strength"), +  LOCALE(0, "Cipher suite minimum key strength"),    LOCALE(0,    "<p>The minimum number of bits to secure "    "connections.</p>\n"