Hi friends,
  I'm currently writing yet another SSL backend for the OS/400: GSKit.
Unlike Qssl, it will support multiple SSL environments, non-blocking
connects, host certificate verification and (limited) certificate
information retrieval.
 
  For these last 2 features, I had to duplicate code from ssluse.c and
implement some minimalistic ASN.1/X509 processing.
 
My question is: would it be valuable to other existing SSL
implementations if this struct curl_certinfo and ASN.1 stuff is made
available as a separate module ? Of course, the idea behind it is NOT to
rewrite the OpenSSL library :-) Benefits would not only be to avoid code
duplication, but also to unify the format of the returned information...
and ease the implementation in SSL modules not supporting it yet.
 
Your feelings and comments are welcome.
 
Note to OS/400 users: I'll soon post a preview of the GSKit backend on
this list.
 
Patrick

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-03-27