[Devel] TLS question

Klaus Darilion klaus.mailinglists at pernau.at
Thu Jan 26 16:51:18 CET 2006


Cesc wrote:
> Aaahhh ... the mythical tls module ...
> Indeed, there should be a module ... the truth is that we kind of
> agreed on that some time ago. I guess just no one has much free time
> in its hands.
> 
> Klaus, what you can do is to create you very own small tls module and
> add this function there ... not very difficult. I have a similar thing
> for an old project ...
>>From the module you should be able to access the list of tcp_conn
> objects ... in the extra_data there is a pointer to the ssl_ object
> ... just check if it is not null, then you can use the openssl library
> to obtain data on the status of the tls connection ..

Thanks for the info. I will give it a try. If you have any useful 
fragments from old projects please send them.

regards
klaus

> Regards,
> 
> Cesc
> 
> On 1/25/06, Andreas Granig <andreas.granig at inode.info> wrote:
> 
>>Klaus Darilion wrote:
>>
>>>>Don't know how to implement the logic itself, but IMHO it's much easier
>>>>and cleaner to export a function, say is_tls_peer_verified(), which
>>>>could be placed in the tls module without messing with yacc/lex...
>>>
>>>Interesting. I guess then the tls code must export this functions like
>>>any other module?
>>>
>>>Or should we write a dedicated TLS module in the modules directory for
>>>this functions?
>>
>>Oh. I thought there IS already a tls module. But since it's in the core,
>>it would be more consistent to just export a parameter.
>>
>>Sorry. I better leave this to the experts ;o)
>>
>>Andy
>>
>>
>>
>>_______________________________________________
>>Devel mailing list
>>Devel at openser.org
>>http://openser.org/cgi-bin/mailman/listinfo/devel
>>
> 
> 
> 




More information about the Devel mailing list