Hi,
I work at the Center for Information Technology Integration (CITI)
(affiliated with the University of Michigan) and in the past year I've
been working on a project that makes use of openssl. The results are
reflected in the August 2001 USENIX Security paper ("Kerberized
Credential Translation: A Solution to Web Access Control", available from
USENIX web site: http://www.usenix.org/events/sec01). We modified the
OpenSSL handshake code to get a transcript of an SSL handshake (no
protocol modification were done) the reasons are stated in the paper.
Modifications to the library are minimal (under 200 lines of code) and
include a new data structure and calls to a function that saves the
incoming and outgoing handshake messages. Files that are affected are:
s23_srvr.c, s3_pkt.c, s3_srvr.c, ssl.h. You can look at the patch
http://www.citi.umich.edu/u/aglo/code/openssl/patch-0.9.6a
What I would like to know if it would be possible to incorporate these
changes and make them a part of the default distribution.
Thank you,
-Olga
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
