libmicrohttpd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] doing "client certificate authentication" earlier in the


From: folkert
Subject: [libmicrohttpd] doing "client certificate authentication" earlier in the TLS handshake
Date: Wed, 3 Mar 2021 12:31:41 +0100
User-agent: Mutt/1.10.1 (2018-07-13)

Hi,

In the client certificate authentication example at
https://www.gnu.org/software/libmicrohttpd/tutorial.html#Adding-a-layer-of-security
the check seems to be performed after tls session setup.
I deduced that from:
ci = MHD_get_connection_info (connection, MHD_CONNECTION_INFO_GNUTLS_SESSION);
tls_session = ci->tls_session;

I think it would be better to do this verification during the TLS
handshake (I don't know if there is such a thing!) for safety reasons.

My question now is: can this be realised with libmicrohttpd? Maybe via a
callback, maybe going through libmicrohttpd all the way into gnutls?


Regards,

Folkert van Heusden

-- 



reply via email to

[Prev in Thread] Current Thread [Next in Thread]