On Wed, Aug 11, 2021 at 12:28:38PM -0700, Kevin J. McCarthy wrote: > On Wed, Aug 11, 2021 at 03:02:30PM -0400, Craig Gallek wrote: > > This already worked when compiled against openssl, but not with gnutls. > > Looks like this is based on the OpenSSL calls. If you can verify it works > for you, I have no problem with the patch. > > > I figured it would be good to get some early feedback on this, though. > > In particular, do you care that this duplicates a translation string? > > It could certainly be put in a common place, but I wasn't sure where. > > It's not a problem to duplicate translation strings, so this is fine. > > > This change is safe with or without the gnutls change. It simply won't > > call the prompt callback with older versions of gnutls (though, it's > > proabably > > best to wait for that change anyway to ensure that this callback mechanism > > will be the one actually used). > > I agree. Let's wait until your merge request is accepted. If you wouldn't > mind sending a followup email then, I'll be glad to merge it at that point.
Thanks for the review. The gnutls change has been merged. I've tested the ssl_client_cert option with an encrypted key when built against both openssl and gnutls. Both prompt for a decryption password now before successfully connecting. Please let me know if there in any other testing you would like to see. Thanks again, Craig
