1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
# $Header: /cvsroot/aolserver/nsopenssl/tests/nsd.tcl,v 1.1 2002/10/07 20:41:07 scottg Exp $
#
# Define ports to use for testing
#
set httpsport_server 9050
set httpsport_sockserver 9051
set httpsport_sockclient 9052
#
# Define modules to load
#
array set loadmodules [list nsopenssl nsopenssl$ext]
#
# nsopenssl (HTTPS)
#
ns_section "ns/server/${servername}/module/nsopenssl"
ns_param ServerHostname $hostname
ns_param ServerAddress $address
ns_param ServerPort $httpsport_server
# This should be last resort???
#ns_param ServerLocation "https://192.168.0.2:$https2port"
ns_param ServerTrace true
ns_param ServerCertFile server1-cert.pem
ns_param ServerKeyFile server1-key-unsecure.pem
ns_param ServerPeerVerify false
ns_param ServerPeerVerifyDepth 10
ns_param ServerCADir server.cadir
ns_param ServerCAFile ca1-cert.pem
ns_param ServerProtocols "SSLv2, SSLv3, TLSv1"
ns_param ServerCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param ServerSessionCache false
ns_param ServerSessionCacheId 1
ns_param ServerSessionCacheSize 128
ns_param ServerSessionCacheTimeout 300
ns_param SockServerTrace true
ns_param SockServerCertFile server1-cert.pem
ns_param SockServerKeyFile server1-key-unsecure.pem
ns_param SockServerPeerVerify true
ns_param SockServerPeerVerifyDepth 10
ns_param SockServerCADir server.cadir
ns_param SockServerCAFile ca1-cert.pem
ns_param SockServerProtocols "SSLv2, SSLv3, TLSv1"
ns_param SockServerCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param SockServerSessionCache false
ns_param SockServerSessionCacheId 2
ns_param SockServerSessionCacheSize 128
ns_param SockServerSessionCacheTimeout 300
ns_param SockClientTrace true
ns_param SockClientCertFile client1-cert.pem
ns_param SockClientKeyFile client1-key-unsecure.pem
ns_param SockClientPeerVerify false
ns_param SockClientPeerVerifyDepth 10
ns_param SockClientCADir server.cadir
ns_param SockClientCAFile ca1-cert.pem
ns_param SockClientProtocols "SSLv2, SSLv3, TLSv1"
ns_param SockClientCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param SockClientSessionCache false
ns_param SockClientSessionCacheId 3
ns_param SockClientSessionCacheSize 128
ns_param SockClientSessionCacheTimeout 300
#ns_param RandomFile /dev/urandom
#ns_param SeedBytes 1024
#ns_param ServerBufferSize 16384
#ns_param ServerSockTimeout 30
#ns_param ClientBufferSize 16384
#ns_param ClientSockTimeout 30
#
# nsopenssl (HTTPS) (Loading a second copy of the module)
#
ns_section "ns/server/${servername}/module/nsopenssl2"
ns_param ServerHostname $hostname
ns_param ServerAddress $address
ns_param ServerPort $httpsport_sockclient
# This should be last resort???
#ns_param ServerLocation "https://192.168.0.2:$https2port"
ns_param ServerTrace true
ns_param ServerCertFile server1-cert.pem
ns_param ServerKeyFile server1-key-unsecure.pem
ns_param ServerPeerVerify false
ns_param ServerPeerVerifyDepth 10
ns_param ServerCADir server.cadir
ns_param ServerCAFile ca1-cert.pem
ns_param ServerProtocols "SSLv2, SSLv3, TLSv1"
ns_param ServerCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param ServerSessionCache false
ns_param ServerSessionCacheId 1
ns_param ServerSessionCacheSize 128
ns_param ServerSessionCacheTimeout 300
ns_param SockServerTrace true
ns_param SockServerCertFile server1-cert.pem
ns_param SockServerKeyFile server1-key-unsecure.pem
ns_param SockServerPeerVerify true
ns_param SockServerPeerVerifyDepth 10
ns_param SockServerCADir server.cadir
ns_param SockServerCAFile ca1-cert.pem
ns_param SockServerProtocols "SSLv2, SSLv3, TLSv1"
ns_param SockServerCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param SockServerSessionCache false
ns_param SockServerSessionCacheId 2
ns_param SockServerSessionCacheSize 128
ns_param SockServerSessionCacheTimeout 300
ns_param SockClientTrace true
ns_param SockClientCertFile client1-cert.pem
ns_param SockClientKeyFile client1-key-unsecure.pem
ns_param SockClientPeerVerify false
ns_param SockClientPeerVerifyDepth 10
ns_param SockClientCADir server.cadir
ns_param SockClientCAFile ca1-cert.pem
ns_param SockClientProtocols "SSLv2, SSLv3, TLSv1"
ns_param SockClientCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param SockClientSessionCache false
ns_param SockClientSessionCacheId 3
ns_param SockClientSessionCacheSize 128
ns_param SockClientSessionCacheTimeout 300
#ns_param RandomFile /dev/urandom
#ns_param SeedBytes 1024
#ns_param ServerBufferSize 16384
#ns_param ServerSockTimeout 30
#ns_param ClientBufferSize 16384
#ns_param ClientSockTimeout 30
|
