diff options
| author | bluhm <> | 2015-07-18 22:15:09 +0000 |
|---|---|---|
| committer | bluhm <> | 2015-07-18 22:15:09 +0000 |
| commit | 79175b7915bef3f3d0572672b45fa89e3099204f (patch) | |
| tree | e7822a6b85a2f22420e5987fd523e47553770e9f | |
| parent | 377714c1b61e7397ead1371c378105b908dc3033 (diff) | |
| download | openbsd-79175b7915bef3f3d0572672b45fa89e3099204f.tar.gz openbsd-79175b7915bef3f3d0572672b45fa89e3099204f.tar.bz2 openbsd-79175b7915bef3f3d0572672b45fa89e3099204f.zip | |
Set SSL_MODE_ENABLE_PARTIAL_WRITE and SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
in libtls. This gives tls_write() a similar short write semantics
as write(2). So implementing daemons with libevent buffers will
be easier and workarounds in syslogd and httpd can be removed.
OK tedu@ beck@ reyk@
| -rw-r--r-- | src/lib/libtls/tls.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c index f4bd108dac..246e025e7a 100644 --- a/src/lib/libtls/tls.c +++ b/src/lib/libtls/tls.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls.c,v 1.11 2015/04/15 16:08:43 jsing Exp $ */ | 1 | /* $OpenBSD: tls.c,v 1.12 2015/07/18 22:15:09 bluhm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -183,6 +183,9 @@ err: | |||
| 183 | int | 183 | int |
| 184 | tls_configure_ssl(struct tls *ctx) | 184 | tls_configure_ssl(struct tls *ctx) |
| 185 | { | 185 | { |
| 186 | SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); | ||
| 187 | SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); | ||
| 188 | |||
| 186 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); | 189 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); |
| 187 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); | 190 | SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); |
| 188 | 191 | ||