W3C home > Mailing lists > Public > www-lib@w3.org > April to June 2000

Re: ssl 2.0

From: <jose.kahan@w3.org>
Date: Thu Jun 15 09:10:25 2000
Message-Id: <200006151310.PAA11853@tuvalu.inrialpes.fr>
To: RUniphone@aol.com
Cc: bhawley@mantamedia.com, www-lib@w3.org
Brian and Oleg,

Thanks for your patches and comments.

I just commited Brian's patches [1] to the libwww-ssl code. 

I didn't want to hardcode the change of the protocol method from TLSv1 to 
SSLv23 because what works in one application may not be what you'd like in 
another.  Rather, I extended the libwww-ssl API so that you can change (or 
retrieve) the method from your own application. I think this is one question
we always need to ask ourselves when contributing to libwww "is this a general
patch?".  And when it's not so, it's up to the poor guy who's committing it
to make sure it is :)

The new API is on HTSSL.[hc]

====
typedef enum _HTSSL_PROTOCOL {
	HTSSL_V2,
	HTSSL_V3,
	HTSSL_V23,
	HTTLS_V1
}
	HTSSL_protMethod_set (HTSSL_PROTOCOL protocol);
	HTSSL_PROTOCOL HTSSL_protMethod (void);
====

This sets up a protocol method variable in HTSSL.c. You should change its
value before invoking the HTSSL_init () function, in order to take the
change into account.

By default, if the protMethod_set function isn't called, HTTLS_V1 will be
used.

[1] http://lists.w3.org/Archives/Public/www-lib/2000JanMar/0018.html

-Jose

In our previous episode, RUniphone@aol.com said:
> 
> I tried 
> SSLv23_client_method() in HTSSL_init
> It workes.
> It is also possible to use 
> TLSv1_client_method()
> SSLv3_client_method()
> SSLv2_client_method()
> 
> SSLv2_client_method() allow to rettrieve data from the servers which only supports SSL 2.0
Received on Thursday, 15 June 2000 09:10:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 23 April 2007 18:18:36 GMT