Re: [PATCH] Cache ssl client certificate passphrases

From: Senthil Kumaran S <senthil_at_collab.net>
Date: Thu, 08 May 2008 14:58:21 +0530

Hi Stefan,

Stefan Sperling wrote:
> How can I help you test this? Didn't you mention some day in IRC
> that you figured out how to create a client certificate with

Yes. It needs a PKCS12 based ssl client certificate.

> a passphrase? Does the server have to know about the client

The server will post a challenge to the client, when the client needs to show
its certificate. The key of this client certificate may be protected by a
passphrase which is what we are caching in this patch.

> somehow? Would I have to set up a server? Or could I test against
> some server you are testing against as well?

Yes you need to set up a server for this (I do not know any public servers with
such auth). I am working on a howto for setting up this type of authentication.
I shall post it asap.

>> + if (str && str->data)
>> + password = str->data;
>
> The indentation here looks wrong.

Thanks for catching it.

-- 
Senthil Kumaran S
http://www.stylesen.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org

Received on 2008-05-08 11:29:02 CEST

This message: [ Message body ]
Next message: Bhuvaneswaran Arumugam: "Re: [PATCH] Cache ssl client certificate passphrases"
Previous message: Stefan Sperling: "Re: [PATCH] Cache ssl client certificate passphrases"
In reply to: Stefan Sperling: "Re: [PATCH] Cache ssl client certificate passphrases"
Next in thread: Bhuvaneswaran Arumugam: "Re: [PATCH] Cache ssl client certificate passphrases"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]