On Dec 27, 2010, at 5:23 AM, Daniel Stenberg wrote: > I think it will make sense to still get some #define set internally in > libcurl when TLSAUTH support is found and used, so that we can make > curl_easy_setopt() return failure for the cases where an app would try to set > the TLSAUTH options without there being underlying support for them.
Got it. Will work on this. >> I'll also work on some tests (will have to figure out how to get stunnel >> working with TLS-SRP). > > Cool! But since stunnel is OpenSSL-based, won't this require that we build > stunnel with an OpenSSL with the SRP patch applied? Yes, didn't think about this. What do you recommend the tests work against? The only server implementations of TLS-SRP that don't require patching are Apache/mod_gnutls and TLS Lite (a Python lib), unless I'm missing any. Apache/mod_gnutls is too heavy to use for testing. Given the lack of better options, is it OK to add a dependency of Python and TLS Lite for the TLS-SRP tests? (I've talked to some people about the OpenSSL TLS-SRP patch. It has been maintained and works against recent OpenSSL releases, but it's still unclear when it will be accepted.) -Quinn ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
