On Tue 13 Jun 2006 16:28, Florian Weimer wrote: > On Tue, Jun 13, 2006 at 02:51:34PM +0200, fweimer wrote: > > > In that case if you would like to send the client certificate > > > anyway, you should use the callback function (don't remember the > > > name right now). > > > > Will try and report. > > gnutls_certificate_client_get_request_status still returns 0 on the > client side, but it seems that this time, a certificate is actually > transmitted in a way the server can handle it. This looks like a bug, but from a quick glimpse the code looks ok. I'll try to check it further once I have more time.
> May I assume that the first certificate returned by > gnutls_certifcate_get_peers contains public key material which > actually corresponds to the private key material which was used to > establish the ssession? No. That would be the last certificate in the chain. > By the way, gnutls_certificate_client_set_retrieve_function is not a > well-designed interface. The callback function lacks a closure > parameter. What do you mean by closure parameter? > Even worse, it is hard to fake it because > gnutls_certificate_client_set_retrieve_function is called with a > credentials structure, and the callback is called with a session > structure. Extremely annoying. But you want to know the session in the callback (to obtain information about the current session). The session is the caller of the callback. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
