Hi Tim,

Looks good. Could you merge it please?

- AJ

On 23/3/19 18:04, Tim Rühsen wrote:
Thank you Daniel and Diresh.

I don't think we should send the post handshake extension in case no
client certificate is given.

The OpenSSL documentation is pretty silent about what happens when a
server requests a post handshake. What I found is that some kind of
callback function is mentioned, but I didn't find an example on a quick

I add Ander Juaristi, since he promised to maintain the OpenSSL code of
Wget until the end of his life, hehe ;-)

Regards, Tim

On 23.03.19 10:20, a...@cyberstorm.mu wrote:
Hello all,

A re-work was done on the patch as Daniel suggested.

Please find the updated gist in the link below:

Could you provide a feedback about the change.

Diresh Soomirtee.

On Friday, March 22, 2019 22:23 CET, Daniel Stenberg <dan...@haxx.se> wrote:
On Fri, 22 Mar 2019, Tim Rühsen wrote:

Are you sure that '#ifdef SSL_CTX_set_post_handshake_auth' works ?
Here with
OpenSSL 1.1.1b it seems that 'SSL_CTX_set_post_handshake_auth' is a
and not a #define.

In curl we use this #ifdef magic for figuring out if the function is

#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && \


/ daniel.haxx.se

Reply via email to