cURL Mailing List Monthly Index Single Mail
Re: Patch for TLS-SRP support (using GnuTLS)
From: Quinn Slack <sqs_at_cs.stanford.edu>
Date: Mon, 27 Dec 2010 17:45:52 +0800
On Dec 27, 2010, at 5:23 AM, Daniel Stenberg wrote:
> I think it will make sense to still get some #define set internally in libcurl when TLSAUTH support is found and used, so that we can make curl_easy_setopt() return failure for the cases where an app would try to set the TLSAUTH options without there being underlying support for them.
Got it. Will work on this.
>> I'll also work on some tests (will have to figure out how to get stunnel working with TLS-SRP).
Yes, didn't think about this. What do you recommend the tests work against? The only server implementations of TLS-SRP that don't require patching are Apache/mod_gnutls and TLS Lite (a Python lib), unless I'm missing any. Apache/mod_gnutls is too heavy to use for testing. Given the lack of better options, is it OK to add a dependency of Python and TLS Lite for the TLS-SRP tests?
(I've talked to some people about the OpenSSL TLS-SRP patch. It has been maintained and works against recent OpenSSL releases, but it's still unclear when it will be accepted.)
These mail archives are generated by hypermail.
Page updated November 12, 2010.
web site info