Rob,
I made most changes required to mod_nss. You recommended looking in nss_hook_Access() to see how to force a TLS handshake. In this function, the TLS handshake is renegotiated from scratch to reflect any reconfigured parameters, right?
In the case of upgrading HTTP to TLS, there has been no previous TLS handshake. Should I still use the SSL_ReHandshake function (as in nss_hook_Access)? Or, would I need to call SSL_ResetHandshake instead?
Regards, Peter
Peter Djalaliev wrote:
Rob,
I made most changes required to mod_nss. You recommended looking in nss_hook_Access() to see how to force a TLS handshake. In this function, the TLS handshake is renegotiated from scratch to reflect any reconfigured parameters, right?
In the case of upgrading HTTP to TLS, there has been no previous TLS handshake. Should I still use the SSL_ReHandshake function (as in nss_hook_Access)? Or, would I need to call SSL_ResetHandshake instead?
You know, I'm not quite sure. Let me check with the SSL team and I'll get back to you as soon as I can.
rob
389-devel@lists.fedoraproject.org