pike.git / lib / modules / SSL.pmod / Context.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Context.pike:767:   // which later may fail when verified against supported certificate   // types, hash/signature algorithms.   //   // The client/server potentially has a set of trusted issuers   // certificates (root certificates) that are used to validate the   // server/client sent certificate. These are stored in trusted_issuers   // and in a cache from subject der to Verifier object. FIXME: Should   // use key identifier.      //! Policy for client authentication. One of - //! @[SSL.Constants.AUTHLEVEL_none], @[SSL.Constants.AUTHLEVEL_ask] + //! @[SSL.Constants.AUTHLEVEL_none], + //! @[SSL.Constants.AUTHLEVEL_verify], @[SSL.Constants.AUTHLEVEL_ask]   //! and @[SSL.Constants.AUTHLEVEL_require].   int auth_level;      //! Array of authorities that are accepted for client certificates.   //! The server will only accept connections from clients whose   //! certificate is signed by one of these authorities. The string is a   //! DER-encoded certificate, which typically must be decoded using   //! @[MIME.decode_base64] or @[Standards.PEM.Messages] first.   //!   //! Note that it is presumed that the issuer will also be trusted by
pike.git/lib/modules/SSL.pmod/Context.pike:1138:   //!   //! Determines whether certificates presented by the peer are   //! verified, or just accepted as being valid.   //!   //! @deprecated auth_level      __deprecated__ void `verify_certificates=(int i)   {    if(!i)    auth_level = AUTHLEVEL_none; -  else if(auth_level < AUTHLEVEL_ask) -  auth_level = AUTHLEVEL_ask; +  else if(auth_level < AUTHLEVEL_verify) +  auth_level = AUTHLEVEL_verify;   }      __deprecated__ int `verify_certificates()   { -  return auth_level >= AUTHLEVEL_ask; +  return auth_level >= AUTHLEVEL_verify;   }      //! @decl int(0..1) encrypt_then_mac   //!   //! Attempt to enable encrypt-then-mac mode. Defaults to @expr{1@}.   //!   //! @deprecated extensions      __deprecated__ void `encrypt_then_mac=(int(0..1) i)   {    extensions[EXTENSION_encrypt_then_mac] = !!i;   }      __deprecated__ int(0..1) `encrypt_then_mac()   {    return !!extensions[EXTENSION_encrypt_then_mac];   }