e09444eeb5
* Issue #3863 - Enforce use of SNI. Introduced SslContextFactory.rejectUnmatchedSNIHost (default false) so that if no SNI is sent, or SNI does not match a certificate, then the TLS handshake is aborted. Signed-off-by: Simone Bordet <simone.bordet@gmail.com> * Issue #3863 - Enforce use of SNI. Updates after review. Introduced SslContextFactory.SNISelector to allow application to write their custom logic to select a certificate based on SNI information. Signed-off-by: Simone Bordet <simone.bordet@gmail.com> * Issue #3863 Enforce SNI Added two sniRequired fields - one at SslContextLevel and the other at the SecureRequestCustomizer. This allows rejection either at TLS handshake or by 400 response. Signed-off-by: Greg Wilkins <gregw@webtide.com> * Issue #3863 Enforce SNI cleanups from review Signed-off-by: Greg Wilkins <gregw@webtide.com> * Issue #3863 Enforce SNI improved comments Signed-off-by: Greg Wilkins <gregw@webtide.com> * Issue #3863 Enforce SNI syntax sugar Signed-off-by: Greg Wilkins <gregw@webtide.com> * Issue #3863 SNI Updates from review. Extra test for sniSelector function Signed-off-by: Greg Wilkins <gregw@webtide.com> |
||
|---|---|---|
| .. | ||
| src | ||
| pom.xml | ||