git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736686 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736685 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736684 13f79535-47bb-0310-9956-ffa450edef68

Improve syntax highlight.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736683 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736681 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736592 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736582 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736581 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736563 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736463 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736449 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736445 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736428 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736250 13f79535-47bb-0310-9956-ffa450edef68

masked on many platforms by intrinsic limits.h inclusion by
other headers.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736243 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736226 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736225 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736217 13f79535-47bb-0310-9956-ffa450edef68

see if it helps unblocking test framework.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736216 13f79535-47bb-0310-9956-ffa450edef68

encryption mode (we used to return 0, OpenSSL documents returning 1 instead).

Practically this does not change anything since OpenSSL will only check for
>= 0 return value (non error) for encryption mode (the other possible return
values are only relevant for decryption mode).

However the OpenSSL documentation for SSL_CTX_set_tlsext_ticket_key_cb()
states:
"
The return value of the cb function is used by OpenSSL to determine what
further processing will occur. The following return values have meaning:

2
    This indicates that the ctx and hctx have been set and the session can
    continue on those parameters. Additionally it indicates that the session
    ticket is in a renewal period and should be replaced. The OpenSSL library
    will call cb again with an enc argument of 1 to set the new ticket (see
    RFC5077 3.3 paragraph 2).

1
    This indicates that the ctx and hctx have been set and the session can
    continue on those parameters.

0
    This indicates that it was not possible to set/retrieve a session ticket
    and the SSL/TLS session will continue by by negotiating a set of
    cryptographic parameters or using the alternate SSL/TLS resumption
    mechanism, session ids.
    If called with enc equal to 0 the library will call the cb again to get a
    new set of parameters.

less than 0
    This indicates an error.
"

So 0 is not appropriate in our code, 1 is what we really want (and it won't
break if OpenSSL later changes its checks on the callback return value).

Reported by: oknet on github, pull request #18.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736186 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1736156 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735967 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735964 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735952 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735949 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735942 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735941 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735935 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735931 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735930 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735928 13f79535-47bb-0310-9956-ffa450edef68

  - Followup to r1735875:
    ssl_util_thread_setup() is gone.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735925 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735906 13f79535-47bb-0310-9956-ffa450edef68

- ab: use new API SSL_CTX_set_max_proto_version()
  and SSL_CTX_set_min_proto_version() in
  combination with TLS_client_method() instead
  of the old deprecated methods.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735891 13f79535-47bb-0310-9956-ffa450edef68

- The callback function passed to
  SSL_CTX_sess_set_get_cb() now needs the
  session id argument to be const.
  So constify the session id.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735883 13f79535-47bb-0310-9956-ffa450edef68

- use new API SSL_CTX_set_max_proto_version()
  and SSL_CTX_set_min_proto_version() instead
  of SSL_CTX_set_options()
- use new methods TLS_client_method() and
  TLS_server_method()


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735882 13f79535-47bb-0310-9956-ffa450edef68

- ERR_remove_thread_state() no longer has an
  argument.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735878 13f79535-47bb-0310-9956-ffa450edef68

- SRP_VBASE_get_by_user() is deprecated now,
  one should use SRP_VBASE_get1_by_user()
  instead. The new function returns a pointer
  owned by the callee. It must be freed after
  use.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735877 13f79535-47bb-0310-9956-ffa450edef68

- remove thread locking. It is now builtin
  for OpenSSL 1.1.0


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735875 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735809 13f79535-47bb-0310-9956-ffa450edef68