From: Martin Bosslet <Martin.Bosslet@...>
Date: 2011-06-09T06:38:14+09:00
Subject: [ruby-core:36864] [Ruby 1.9 - Feature #4481] Add client_ca method to OpenSSL::SSLSocket


Issue #4481 has been updated by Martin Bosslet.

Assignee set to Martin Bosslet

Thanks Ippei for submitting this - I will have a look at it!

Regards,
Martin

----------------------------------------
Feature #4481: Add client_ca method to OpenSSL::SSLSocket
http://redmine.ruby-lang.org/issues/4481

Author: Ippei Obayashi
Status: Open
Priority: Normal
Assignee: Martin Bosslet
Category: 
Target version: 1.9.3


=begin
Please add "client_ca" method to OpenSSL::SSLSocket to solve the following problem.

Problem:
If a SSL server decide to authenticate clients using client-certificates,
the server can send the list of client CAs to a client as a hint, and
the client can use the list to select an appropriate certificate.
But the current ruby's ext/openssl does not have the API to access the list.

Solution:
Add a wrapper function for SSL_get_client_CA_list.

Two patches (new method and test) are attached to this message.
=end



-- 
http://redmine.ruby-lang.org