That's what I figured. Is there enough passed into the SASL initiation to be able to have a callback hook into the app for it? > -----Original Message----- > From: Dan White [mailto:dwhite@xxxxxxx] > Sent: Wednesday, November 10, 2010 9:41 AM > To: William Mills > Cc: cyrus-sasl@xxxxxxxxxxxxxxxxxxxx > Subject: Re: API to fetch channel binding (SSL) information? > > On 10/11/10 08:50 -0800, William Mills wrote: > >Is there an API to be able to fetch the SSL peer certificate? I'm > looking at doing channel binding. Alternatively has anyone looked at > the challenges to adding this as a supported option to sasl_getprop()? > > > >Thanks, > > > >-bill > > The SASL library doesn't, itself, participate in the SSL/TLS > negotiation, > so it does not have access to any certificate information unless it it > passed to it by the calling application (in the form of an > authentication > identity/username). > > This thread should have more information: > > http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus- > sasl&msg=9550 > > -- > Dan White
