Feature #96

avatar

SSL+CertFP support

Added by Mirco Bauer 2220 days ago. Updated 221 days ago.

Status:New Start:
Priority:Urgent Due date:
Assigned to:avatarMirco Bauer % Done:

90%

Category:Engine
Target version:TBD
Complexity:

Medium

Votes: 2 (View)

Description

Implement SSL+CertFP support see: http://www.oftc.net/oftc/NickServ/CertFP


Related issues

blocked by Smuxi - Task #456 Include SmartIrc4net library Closed 08/22/2010

Associated revisions

Revision 3a07213acabf7b0de23b9d1851781c82efb56537
Added by Mirco Bauer 1015 days ago

[Engine/Engine-*] Refactored IProtocolManager.Connect() to use ServerModel

Cleanly pass all connection parameters to the protocol manager using the
ServerModel class. This way it is no longer needed to add and save a server
before making use of SSL options.

Also it will make it easier to add multi-identity support (references: #428),
different encoding per server (references: #27),
client certificates (references: #96) and SASL support (references: #98).

History

Updated by Mirco Bauer 1464 days ago

avatar
  • Target version changed from 0.8 to TBD

CA certs need to be imported into Smuxi and the CA store needs to be populated at runtime somehow... SslStream doesn't need to offer a simple API for this :/

Updated by Mirco Bauer 234 days ago

avatar
  • Priority changed from Normal to Urgent
  • Complexity set to Medium

Cert validation is NOT required as the client only needs to supply a client certificate and the server validates that cert for authentication.

Updated by Mirco Bauer 221 days ago

avatar
  • % Done changed from 0 to 90

I have implemented a PoC of this feature here:
https://github.com/meebey/smuxi/tree/experiments/certfp

But it seems like Mono has a bug in its SSL implementation which does not send a client supplied certificate to the server :/

Also available in: Atom PDF