Hi friends, I'm currently writing yet another SSL backend for the OS/400: GSKit. Unlike Qssl, it will support multiple SSL environments, non-blocking connects, host certificate verification and (limited) certificate information retrieval. For these last 2 features, I had to duplicate code from ssluse.c and implement some minimalistic ASN.1/X509 processing. My question is: would it be valuable to other existing SSL implementations if this struct curl_certinfo and ASN.1 stuff is made available as a separate module ? Of course, the idea behind it is NOT to rewrite the OpenSSL library :-) Benefits would not only be to avoid code duplication, but also to unify the format of the returned information... and ease the implementation in SSL modules not supporting it yet. Your feelings and comments are welcome. Note to OS/400 users: I'll soon post a preview of the GSKit backend on this list. Patrick
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
