From: Ippei Obayashi <ohai@...>
Date: 2011-03-08T02:57:51+09:00
Subject: [ruby-core:35461] [Ruby 1.9 - Feature #4481][Open] Add client_ca method to OpenSSL::SSLSocket


Issue #4481 has been reported by Ippei Obayashi.

----------------------------------------
Feature #4481: Add client_ca method to OpenSSL::SSLSocket
http://redmine.ruby-lang.org/issues/4481

Author: Ippei Obayashi
Status: Open
Priority: Normal
Assignee: 
Category: 
Target version: 1.9.3


Please add "client_ca" method to OpenSSL::SSLSocket to solve the following problem.

Problem:
If a SSL server decide to authenticate clients using client-certificates,
the server can send the list of client CAs to a client as a hint, and
the client can use the list to select an appropriate certificate.
But the current ruby's ext/openssl does not have the API to access the list.

Solution:
Add a wrapper function for SSL_get_client_CA_list.

Two patches (new method and test) are attached to this message.


-- 
http://redmine.ruby-lang.org