diff options
| author |   bluhm <bluhm@openbsd.org> | 2015-07-18 22:15:09 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2015-07-18 22:15:09 +0000 |
| commit | 77b60f9a111d91c5fb041c1662a1d3f68ac1b1a3 (patch) | |
| tree | b9ae4392dc59f45b283d3d74cd348f5e306dfa2d /lib/libtls | |
| parent | add relayd regression test args-http-slow-consumer.pl (diff) | |
| download | wireguard-openbsd-77b60f9a111d91c5fb041c1662a1d3f68ac1b1a3.tar.xz wireguard-openbsd-77b60f9a111d91c5fb041c1662a1d3f68ac1b1a3.zip | |
Set SSL_MODE_ENABLE_PARTIAL_WRITE and SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
in libtls. This gives tls_write() a similar short write semantics
as write(2). So implementing daemons with libevent buffers will
be easier and workarounds in syslogd and httpd can be removed.
OK tedu@ beck@ reyk@
Diffstat (limited to 'lib/libtls')
| -rw-r--r-- | lib/libtls/tls.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libtls/tls.c b/lib/libtls/tls.c index f4bd108daca..246e025e7a7 100644 --- a/lib/libtls/tls.c +++ b/lib/libtls/tls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.c,v 1.11 2015/04/15 16:08:43 jsing Exp $ */ +/* $OpenBSD: tls.c,v 1.12 2015/07/18 22:15:09 bluhm Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -183,6 +183,9 @@ err: int tls_configure_ssl(struct tls *ctx) { + SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); + SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); |