On 10/11/10 08:50 -0800, William Mills wrote:
Is there an API to be able to fetch the SSL peer certificate? I'm looking at doing channel binding. Alternatively has anyone looked at the challenges to adding this as a supported option to sasl_getprop()?

Thanks,

-bill

The SASL library doesn't, itself, participate in the SSL/TLS negotiation, so it does not have access to any certificate information unless it is passed to it by the calling application (in the form of an authentication identity/username).

This thread should have more information:

http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=9550

--
Dan White