[libmicrohttpd] doing "client certificate authentication" earlier in the

libmicrohttpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] doing "client certificate authentication" earlier in the

From:	folkert
Subject:	[libmicrohttpd] doing "client certificate authentication" earlier in the TLS handshake
Date:	Wed, 3 Mar 2021 12:31:41 +0100
User-agent:	Mutt/1.10.1 (2018-07-13)

Hi,

In the client certificate authentication example at
https://www.gnu.org/software/libmicrohttpd/tutorial.html#Adding-a-layer-of-security
the check seems to be performed after tls session setup.
I deduced that from:
ci = MHD_get_connection_info (connection, MHD_CONNECTION_INFO_GNUTLS_SESSION);
tls_session = ci->tls_session;

I think it would be better to do this verification during the TLS
handshake (I don't know if there is such a thing!) for safety reasons.

My question now is: can this be realised with libmicrohttpd? Maybe via a
callback, maybe going through libmicrohttpd all the way into gnutls?


Regards,

Folkert van Heusden

--

[Prev in Thread]

Current Thread

[Next in Thread]

[libmicrohttpd] doing "client certificate authentication" earlier in the TLS handshake, folkert <=

Prev by Date: Re: [libmicrohttpd] problem in client certificate authentication example?
Next by Date: [libmicrohttpd] why
Previous by thread: [libmicrohttpd] problem in client certificate authentication example?
Next by thread: [libmicrohttpd] why
Index(es):
- Date
- Thread