pike.git / lib / modules / SSL.pmod / Context.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Context.pike:657:      //! Get the list of trusted issuers. See @[set_trusted_issuers].   array(array(string)) get_trusted_issuers()   {    return trusted_issuers;   }      protected array(array(string)) trusted_issuers = ({});   mapping(string:array(Standards.X509.Verifier)) trusted_issuers_cache = ([]);    - //! Determines whether certificates presented by the peer are - //! verified, or just accepted as being valid. - int verify_certificates = 0; -  +    //! For client authentication. Used only if auth_level is AUTH_ask or   //! AUTH_require.   array(int) preferred_auth_methods =   ({ AUTH_rsa_sign });      // Lookup from issuer DER to an array of suitable @[CertificatePair]s,   // sorted in order of strength.   protected mapping(string(8bit):array(CertificatePair)) cert_chains_issuer = ([]);      // Lookup from DN/SNI domain name/glob to an array of suitable
pike.git/lib/modules/SSL.pmod/Context.pike:933:    /* RFC 4346 7.2:    * In this case [fatal alert], other connections corresponding to    * the session may continue, but the session identifier MUST be    * invalidated, preventing the failed session from being used to    * establish new connections.    */    s->identity = 0;    s->master_secret = 0;    /* There's no need to remove the id from the active_sessions queue */   } +  +  + // + // --- Compatibility code + // +  + //! @decl int verify_certificates + //! + //! Determines whether certificates presented by the peer are + //! verified, or just accepted as being valid. + //! + //! @deprecated auth_level +  + __deprecated__ void `verify_certificates=(int i) + { +  if(!i) +  auth_level = AUTHLEVEL_none; +  else if(auth_level < AUTHLEVEL_ask) +  auth_level = AUTHLEVEL_ask; + } +  + __deprecated__ int `verify_certificates() + { +  return auth_level >= AUTHLEVEL_ask; + }