pike.git / lib / modules / SSL.pmod / Context.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Context.pike:629: Inside #if constant(Crypto.ECC.Curve) && constant(Crypto.AES.GCM) && constant(Crypto.SHA384)
   if (strictness_level < 1) {    // Permissive mode. Add the remaining suites of    // the required strength.    preferred_suites += get_suites(min_keylength) - preferred_suites;    }    }   }      #endif /* Crypto.ECC.Curve && Crypto.AES.GCM && Crypto.SHA384 */    + //! Called by the KeyExchangeExportRSA during KE_rsa_export key + //! exchanges to ge thte weak RSA key. By default a new 512 bit key is + //! generated for each key exchange. This method can be overloaded to + //! provide caching or alternative means to generate keys. + Crypto.RSA get_export_rsa_key() + { +  return Crypto.RSA()->generate_key(512); + } +    // --- PSK API      // In addition to implementing get_psk, get_psk_id if you are a client   // and optionally get_psk_hint if you are a server, the context object   // also needs to ensure the apprioriate PSK cipher suites are in the   // preferred_suites array. If the server is only accepting these PSK   // connections, simply setting the array to a single member is best.   // The client must only inlcude PSK suites when talking to a servers   // known to support it, or risk getting MITM attacks.