...
> Alon,
>       I've started working on (1) and (2).  Attached is the 
> updated cryptoapi.c.  Would you prefer a patch when changes 
> involve a single file?  Can you tell me what you think (is 
...
>       As for (3), where is the SSL role defined?  Or, 
> alternatively, what is the procedure when cryptoapi isn't 
> used to verify the certificate is in the correct role?
...
> Jason
...

Oh, Happy Day!  Now I don't have to do it.  I've wanted this for some time,
and forgot that someone had already started working on it a year ago.

The ssl server role is controlled by the options --tls-server and
--tls-client (these are also set internally by the various 'helper' macros
like --client and --server).  So, if you have the 'options' object, then the
member

    options->tls_server

will indicate if you are in server mode.  It is only used in an interesting
way in ssl.c, as far as I can see.  There is also a --tls-client, but I
don't see it being used in an interesting way anyway.  (Interesting ==
something other than setting the value or printing output).


As far as dynamically loading the crypto api dll; the comments state this is
a hack to work around MinGW's incompleteness?  Implying that -- barring
incompleteness -- the dll would have otherwise been loaded implicitly?  If
so then I would suggest loading it on application startup and unloading on
shutdown.  This is analogous to things like 'WSAStartup' and 'OleInit'.  On
the other hand, the 'load' function looks idempotent, so it can be called
safely as many times as you like.  Just make sure to call it before you need
it.  Also, it is not strictly necessary to call 'unload' unless you are
really wanting to truly unload for some technical reason, or just like to be
tidy like that.  The OS will happily 'unload' it upon process shutdown.

I can't comment on 'code cleanup' because that is subjective.

-Dave

