On 03/19/2011 12:39 PM, Peter Sylvester wrote:
hi,
given that the latest openssl now contains support for SRP,
here a patch for openssl. since gnu-tls is already supported
in curl, the patch is rather simple:
adds some test to configure.ac and some logic to ssluse.c
I do not have tested whether the behaviour is like with gnu-tls
potential issues:
In case when the tlsauth is enabled:
- what should be the default ssl version?
I'll set TLSv1 if non was given.
- The default ciphersuites in openssl do not include SRP
if no ciphersuite is given by the user,
SRP is set as the default.
I forgot: since the openssl srp is not documented (yet):
touch verifiers
openssl srp -srpvfile verifiers -add -gn 2048 theuser
(ignore the error message about attr)
the resulting file can be used in openssl s_server for testing
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
