httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 51075] Add support for TLS-SRP (RFC 5054)
Date Thu, 06 Sep 2012 15:46:09 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51075

--- Comment #4 from Peter Sylvester <peter.sylvester@edelweb.fr> ---
(In reply to comment #2)
> (In reply to comment #0)
> > This patch was originally created by Christophe Renou and Peter Sylvester of
> > EdelWeb. I updated it to work with Apache 2's mod_ssl.

good. 

> 
> You do have permission to submit the patch under the Apache License, don't
> you?

I hereby confirm that this is the case. 

> 
> Some more questions: Is there any documentation for the openssl interface
> available somewhere? Do you know why SRP_VBASE_init() and SRP_VBASE_new()
> take char* as argument and not const char*?

The original version was made before the "const"ification attempts in openssl.

IMO, the srp_vbase stuff should not be used. Instead a dynamic approach,
reading
from an LDAP or database can be used to retrieve a verifier. this can be done
without blocking.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message