I'm re-implementing support for RFC5878 (TLS authorization extensions) in
OpenSSL and subsequently mod_ssl.
I am working on contributing back the OpenSSL changes and would like to
contribute back the mod_ssl changes.
A little RFC5878 background: Client sends a TLS extension representing the
I'm contributing a patch which facilitates send and receive of custom TLS
extensions and supplemental data from third party modules.
The patch attached to the bugzilla issue is completely additive, and only
updates mod_ssl code: https://issues.apache.org/bugzilla/show_bug.cgi?id=55467
OpenSSL
Since you mentioned RFC 5878, I've attached a patch to issue 55467 which allows
third party modules to send and receive custom TLS extensions or supplemental
data (which can be used to implement support for RFC 5878), and adds reneg
support as well (as some folks only want to send the
optional hooks and
functions.
The patch can be found here:
https://issues.apache.org/bugzilla/show_bug.cgi?id=55467
I’m happy to update the patch based on feedback.
Thanks much,
Scott Deboy
extensions TLS supplemental data. It also
gives third-party modules the ability to trigger renegotiation. It leverages
APIs recently added to OpenSSL master and 1.0.2 stable branches.
Any feedback is appreciated!
Thanks much,
Scott
On Feb 6, 2014, at 2:20 PM, Scott Deboy sde...@secondstryke.com