cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: [PATCH] gtls: implement CURLOPT_CERTINFO

From: Patrick Monnerat <Patrick.Monnerat_at_datasphere.ch>
Date: Mon, 16 Mar 2015 10:14:34 +0100

Alessandro Ghedini wrote:

> The patch uses Curl_extract_certinfo() like the NSS and GSKit backends
do, so I was wondring if there was any reason why the OpenSSL backend
does not.

Originally, only the openSSL backend implemented it using openSSL
specific procedures.
I wrote the X509/ASN1 code to support the certinfo feature (at least
partially) in the GSKit backend.
Then I modified the NSS backend to use it, as an example for other
backends :-)

x509asn1.c does not check for data validity: this is supposed to be done
before calling it by the "real" backend.
Currently, it does not implement attribute listing, so openSSL
implementation is more complete.

Patrick

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-03-16