- From: Olga Antropova <olga@goliath.eai.com>
- Date: Fri, 20 Aug 1999 15:21:39 -0500 (CDT)
- To: "Sierchio, Michael" <msierchio@RSA.COM>
- Cc: www-lib@w3.org, yajun_liu@peoplesoft.com, "olga@goliath.eai.com" <olga@goliath.eai.com>
Hi Michael, Current implementation doesn't do the client authentication. The implementation is very basic (done using (out-of-date!!) examples provided with OpenSSL library distribution). If you need client authentication you should implement it. Look for more examples in OpenSSL and its mail archives on how to do that (I did not try). wwwlib-SSL module's purpose is to provide a hook to SSL and the concrete SSL functionality is up to the programmer. Not everyone would want the client authentication for example... Olga. On 20-Aug-99 Sierchio, Michael wrote: > Forgive the naive and possibly redundant question, but > do you support client certs and two-way auth? > > Thanks, > > M. Sierchio > >> -----Original Message----- >> From: Olga Antropova [mailto:olga@goliath.eai.com] >> Sent: Friday, August 13, 1999 12:17 PM >> To: yajun_liu@peoplesoft.com >> Cc: www-lib@w3.org >> Subject: RE: libwww-SSL >> >> >> Yajun, >> >> Explicit call to SSL_connect is not necessary. If the >> connection state is set >> like in HTSSL_connectSetup: >> >> SSL_set_connect_state(htssl->ssl); >> >> then call to SSL_read or SSL_write will trigger the handshake. >> >> You can modify your local copy of HTSSL_connectSetup to do: >> >> SSL_set_fd(htssl->ssl, sd); >> SSL_connect(htssl->ssl); >> >> Olga. >> >> On 13-Aug-99 yajun_liu@peoplesoft.com wrote: >> > >> > Hi there, >> > >> > I could not figure out how the handshake takes place in >> libwww-SSL library. >> > The function SSL_connect does never got called. Any hints? >> > >> > --Yajun >>
Received on Friday, 20 August 1999 16:22:44 UTC