Re: cvs commit: jakarta-tomcat-connectors/jni/native/src ssl.c sslcontext.c

Thu, 09 Jun 2005 01:28:34 -0700
----- Original Message ----- From: "jean-frederic clere" <[EMAIL PROTECTED]> 
To: "Tomcat Developers List" <tomcat-dev@jakarta.apache.org>
Sent: Thursday, June 09, 2005 12:20 AM
Subject: Re: cvs commit: jakarta-tomcat-connectors/jni/native/src ssl.c sslcontext.c 



[EMAIL PROTECTED] wrote:

jfclere     2005/06/08 09:52:58

  Modified:    jni/examples/org/apache/tomcat/jni SSLServer.java
               jni/java/org/apache/tomcat/jni BIOCallback.java SSL.java
                        SSLContext.java
               jni/native/src ssl.c sslcontext.c
  Log:
  Change the BIOCallback interface to use write(byte[] buf) and
  read(byte[] buf);
  Add SSL_accept to do the client handshake.
  Arrange the corresponding example.



+++ CUT +++

Hi,


I am not 100% happy with the code. Mladen already asked me to rollback the 
changes. I think the worst thing is setSock() I have added to BIOCallback.
My idea is/was to use BIOCallback or a similar interface to be able to 
openssl either with normal JAVA sockets or APR native ones.


Comments?




It looked OK to me.  Basically it's the APR implementation of SSLEngine. 
Don't really see a problem.



Of course, I don't really care about the APR-SSL Connector one way or the 
other.  Since the config is the same as for mod_ssl, there is absolutely no 
reason to not simply use mod_ssl instead.  If I just wanted the native-code 
optimizations, I'd use PureTLS instead.



Cheers

Jean-Frederic

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]







This message is intended only for the use of the person(s) listed above as the 
intended recipient(s), and may contain information that is PRIVILEGED and 
CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or 
distribute this message or any attachment. If you received this communication 
in error, please notify us immediately by e-mail and then delete all copies of 
this message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through 
the Internet is not secure. Do not send confidential or sensitive information, 
such as social security numbers, account numbers, personal identification 
numbers and passwords, to us via ordinary (unencrypted) e-mail.



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





















					Reply via email to