API to fetch channel binding (SSL) information?

Dan White dwhite at olp.net
Wed Nov 10 12:41:20 EST 2010


On 10/11/10 08:50 -0800, William Mills wrote:
>Is there an API to be able to fetch the SSL peer certificate?  I'm looking at doing channel binding.  Alternatively has anyone looked at the challenges to adding this as a supported option to sasl_getprop()?
>
>Thanks,
>
>-bill

The SASL library doesn't, itself, participate in the SSL/TLS negotiation,
so it does not have access to any certificate information unless it it
passed to it by the calling application (in the form of an authentication
identity/username).

This thread should have more information:

http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=9550

-- 
Dan White


More information about the Cyrus-sasl mailing list