curl-library
Re: SSL patch
Date: Wed, 16 Jun 2004 09:10:29 +0200 (CEST)
On Tue, 15 Jun 2004, Gisle Vanem wrote:
> I asked about Common Names regarding IDNA:
> http://www.mail-archive.com/openssl-dev@openssl.org/msg17603.html
>
> and got some conflicting answers, but I think libcurl does the right thing
> by comparing 'peer'_CN' against 'conn->host.name'. Not sure about the
> ASN1_STRING_to_UTF8() wrt. IDNA. Until I find an ACE-host with a
> certificate, I'll leave it.
Joe Orton is generally a person with knowledge and clues. I'd put my money on
his suggestion (= having the ACE string in the cert).
[ patch ]
This is a great patch and I want to apply it. I only have one little nit about
it that we need to sort out first: you add an argument to the debug callback.
This will break older apps that use this! While that is of course an option, I
think we should try to think this through first.
Why does the ssl-data get passed in to the callback using the 'extra' argument
and not just using the regular data pointer?
Uh, and regarding your question about the lack of a Curl_debugf(), I think we
should add such a function as soon as we feel a need for it. It would simply
use a ... argument and build a buffer that it passes to the current
Curl_debug() function.
-- Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se Dedicated custom curl help for hire: http://haxx.se/curl.htmlReceived on 2004-06-16