Lines Matching defs:in
5 * (the "License"); you may not use this file except in compliance with
10 * Unless required by applicable law or agreed to in writing, software
183 * cause us to end up in a different virtual host as the one that
187 * to current limitations in OpenSSL, see
196 " provided in HTTP request", servername);
217 * checking. Check whether this strict checking was set up either in the
218 * server config we used for handshaking or in our current server.
323 * forbidden in the latter case, let ap_die() handle
357 * Check to see whether SSL is in use; if it's not, then no
388 * obvious and trivial. Especially because while Apache is in its
394 * reconfigured (as known by OpenSSL) or (in optimized way) at least when
405 * the cipher suite changed in _any_ way (which is straight-forward but
410 * only if the currently active cipher is no longer contained in the
413 * client supports. So as long as the current cipher is still in the new
415 * selected it again even when other (better) ciphers exists now in the
522 * OpenSSL about the currently verify depth. Instead we remember it in our
609 * certificate verification has happened in the handshake already
656 * To allow authentication to complete in this auth hook, the
718 /* client cert is in the session cache, but there is
829 * However, this causes failures in perl-framework currently,
910 * of view as the certificate supplied acts in that capacity.
983 * occuring, in particular it must be run before anything else that
985 * module should be LAST in the Configuration file.
1006 * We decline when we are in a subrequest. The Authorization header
1007 * would already be present if it was added in the main request.
1038 * We decline operation in various situations...
1064 APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02434) "Failed to set FakeBasicAuth username to '%s', did not exist in certificate", dc->szUserName);
1074 * password in the users file would match ALL incoming passwords, if only
1076 * "fixes" a "bug" in crypt and thus prevents blank passwords from
1077 * working. (IMHO what they really fix is a bug in the users of the code
1080 * adding the string "xxj31ZMTZzkVA" as the password in the user file.
1349 * SSL connection (available in OpenSSL 1.0.2 or later only)
1358 * (see the definition of SSL_EXPORT_PKEYLENGTH in ssl_locl.h).
1373 "handing out built-in DH parameters for %d-bit authenticated connection", keylen);
1425 * (this callback doesn't happen in the server context if SSLVerify
1447 * peer (at the very least, it's confusing, and in many cases, it's also
1466 * missing/untrusted. Fail in that case. */
1590 * so we send the first client cert in the list.
1701 * Store the SSL_SESSION in the inter-process cache with the
1729 * SSL_SESSION is looked up in the internal OpenSSL cache and it
1730 * was not found. We use this to lookup the SSL_SESSION in the
1766 * We use this to remove the SSL_SESSION in the inter-process
1846 "%s: Exit: failed in %s",
1851 "%s: Exit: error in %s",
1945 * the client's behavior in response to warning-level alerts
1948 * To maintain backwards compatibility in mod_ssl, we
1950 * i.e. we take the second action suggested in RFC 6066:
2053 * possibly set in ssl_hook_Access(), before triggering
2207 * hello, giving a list of desired protocol names (in descending preference)
2218 const unsigned char *in, unsigned int inlen, void *arg)
2245 unsigned int plen = in[i++];
2253 apr_pstrndup(c->pool, (const char *)in+i, plen);
2314 * string in wire format -- a sequence of length-prefixed strings -- indicating
2316 * in OpenSSL for reference.
2358 /* If the protocol name is too long (the length must fit in one byte),