Discussion for implementing SSL directives #342
Description
I'd like to discuss which ssl handers are needed in order to improve SSL experience of ngx_mruby.
There are already some work that handler in SSL.
first great work is mruby_ssl_handshake_handler.
I'm working mruby_ssl_verify_client_handler and mruby_ssl_client_hello_handler.
in OpenSSL-1.0.2g, server side APIs as below, result of
$ cat ssl.h |grep -e callback -e cb |grep SSL_CTX |grep set | grep -v -e client -e '#'.
in the checklist , We check which API we need.
- void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
- void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
- void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
- void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
- void SSL_CTX_set_info_callback(SSL_CTX *ctx,
- void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
- void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
- void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
- void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
- void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
- void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
- void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
- void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
- void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
- void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
- int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
- int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
- int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
- void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
- void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,