Changeset 2410

Timestamp:

11/17/08 14:11:53 (2 months ago)

Author:

taher

Message:

Files:

cherokee/trunk/ChangeLog

r2409	r2410
	1	2008-11-17 Taher Shihadeh <taher@unixwars.com>
	2
	3	* doc/media/images/admin_general.png,
	4	doc/basics_installation_windows.txt, doc/config_general.txt,
	5	doc/cookbook_optimizations.txt, doc/dev_cherokee.conf.txt,
	6	doc/basics_requirements.txt, doc/basics_installation_unix.txt,
	7	doc/other_goodies.txt: documentation adjustments to the new
	8	reimplementation of the TSL/SSL support.
	9
1	10	2008-11-17 Alvaro Lopez Ortega <alvaro@octality.com>
2	11
…	…
22	31	cherokee/server-protected.h, cherokee/main_tweak.c,
23	32	cherokee/connection.c, cherokee/server.c, configure.in,
24		qa/run-tests.py: This patch repimplements the TLS/SSL support. It
	33	qa/run-tests.py: This patch reimplements the TLS/SSL support. It
25	34	adds a new plugin type for the crypt related support. It
26	35	implements the OpenSSL (libssl) backend, and removes any trace of

r2068	r2410
57	57	`--disable-pam` , Disable PAM support
58	58	`--disable-tls` , Disable TLS/SSL support
59		`--enable-tls=` , ~~gnutls\|~~openssl
	59	`--enable-tls=` , openssl
60	60	`--enable-trace` , Allows debugging options
61	61	`--disable-admin` , Skips cherokee-admin installation

r1995	r2410
139	139	`--disable-pam` , Disable PAM support
140	140	`--disable-tls` , Disable TLS/SSL support
141		`--enable-tls=` , ~~gnutls\|~~openssl
	141	`--enable-tls=` , openssl
142	142	`--enable-trace` , Allows debugging options
143	143	`--disable-admin` , Stops cherokee-admin from installing

r2361	r2410
53	53
54	54	* If you want to make a build that serves secure content, you will
55		need TLS libraries. Cherokee supports two different SSL/TLS
56		libraries: OpenSSL and GNUTLS. You need to have the development
57		files of one of these in order to build a package that suits your
58		needs.
	55	need TLS libraries. Cherokee ships with support for the OpenSSL
	56	backend, but the architecture is completly modular and any other
	57	backend can be implemented. You need to have the development files
	58	of the chosen backend libraries in order to build a package that
	59	suits your needs.

r2397	r2410
15	15	incoming requests. By default this is port 80 and it will use all the
16	16	network interfaces of the machine, which is usually the desired
17		behavior. The Port TLS specifies the port to be used for secure
18		connections.
	17	behavior.
19	18
20	19
…	…
85	84	Cherokee can be jailed inside a directory. Note that this should not
86	85	be used as the sole security measure.
	86
	87
	88	Secure HTTP
	89	~~~~~~~~~~~
	90
	91	Port TLS
	92	^^^^^^^^
	93	The Port TLS specifies the port to be used for secure connections.
	94
	95	Back-end
	96	^^^^^^^^
	97	Specifies the TLS/SSL backend to be used, if any. The current option
	98	is OpenSSL.

r2397	r2410
57	57	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
58	58	server!port, Number , TCP port for HTTP
	59	server!tls, String , TLS/SSL backend: libssl, ...
59	60	server!port_tls, Number , TCP port for HTTPS
60	61	server!max_fds, Number , Max open file descriptors

r2325	r2410
117	117	will simply work as long as there is a web browser with SNI support at
118	118	the other side. Currently every modern web browser supports this, and
119		Cherokee has TLS SNI support for ~~both the GNUTLS and~~ OpenSSL backends.
	119	Cherokee has TLS SNI support for the OpenSSL backends.
120	120
121	121	Note that for SNI to work, client support is required. Web browsers