Github user zwoop commented on the pull request:
https://github.com/apache/trafficserver/pull/386#issuecomment-167193001
Yeah, that's a good idea (putting all SSL library weirdness in one file).
---
If your project is set up for it, you can reply to this email and have your
reply appe
Github user jpeach commented on the pull request:
https://github.com/apache/trafficserver/pull/386#issuecomment-167155989
Oh that's a bit nasty, we should add a comment to that effect. I think it
would be best to consolidate the openssl includes in one header so we can
capture this ki
Thanks Brian.
We just started our investigation of what it will take to FIPS'ify ATS (have a
config option). Also looking into what additional work would be required to
complete this work. We can figure out the best approach and follow through on
the work to get the work reviewed and added to
There is also code that disables locking for FIPS, that was the main part of
TS-3576. If you would like to submit a github pull request to create a
configurable option that would enable FIPS and enable the locking that would be
great.
I would also be in favor of having a configurable option to
Github user oknet commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/374#discussion_r48413673
--- Diff: iocore/net/SSLNetVConnection.cc ---
@@ -1400,10 +1416,9 @@ SSLNetVConnection::select_next_protocol(SSL *ssl,
const unsigned char **out, uns
