[mod_gnutls-devel] Patches

Thomas Calderon calderon.thomas at gmail.com
Mon Feb 16 14:40:13 CET 2015 

Hi,


Nikos sent the patch below a couple months ago.
It is a great addition to mod_gnutls and could be aggregated with other
mod_gnutls patches.


Hello,
 The attached patch adds PKCS #11/TPM support to mod_gnutls. The
objects (keys and certificates), can be specified as PKCS #11 URLs
[0], and you can see those URLs using gnutls' p11tool. Most probably
some better documentation of these URLs is needed.
This requires gnutls 3.1.3 or later, and as a side-effect this patch
allows encrypted keys to be loaded by mod_gnutls (PKCS #8/#12 and
openssl format).
regards,
Nikos
[0]. http://www.gnutls
.org/manual/html_node/Reading-objects.html#Reading-objects


Cheers,

Thomas Calderon


On Sun, Feb 15, 2015 at 4:30 PM, Thomas Klute <thomas2.klute at uni-dortmund.de
> wrote:

> Hi all,
>
> I've added a wiki page to my mod_gnutls repository on Github. That's no
> replacement for upstream merges, but it should hopefully make it easier
> for anyone who might be interested to get my patches. Please see:
>
> https://github.com/airtower-luna/mod_gnutls/wiki
>
> I might create a branch aggregating all my work later, but I kind of
> want to complete the proxy TLS support first. And while I can't merge
> into the upstream repository, I'd be happy to collect useful patches. ;-)
>
> Best regards,
> Thomas
>
> Am 07.02.2015 um 21:33 schrieb Ramkumar Chinchani:
> > Hi Daniel,
> >
> > IMO, there are some good patches being contributed on the mailing list.
> > While I understand that the project needs to be conservative in what gets
> > accepted so as to not break things, I fear some good work is getting
> lost.
> >
> > Perhaps, these can go into an "experimental" branch/tag so that they are
> > available at a central place.
> >
> > Thoughts/comments/guidelines?
> >
> >
> >
> > _______________________________________________
> > mod_gnutls-devel mailing list
> > mod_gnutls-devel at lists.gnutls.org
> > http://lists.gnupg.org/mailman/listinfo/mod_gnutls-devel
> >
>
> _______________________________________________
> mod_gnutls-devel mailing list
> mod_gnutls-devel at lists.gnutls.org
> http://lists.gnupg.org/mailman/listinfo/mod_gnutls-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150216/ab0d579a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Use-the-new-3.1.3-GnuTLS-APIs-to-obtain-private-keys.patch.gz
Type: application/x-gzip
Size: 12676 bytes
Desc: not available
URL: </pipermail/attachments/20150216/ab0d579a/attachment-0001.bin>

More information about the mod_gnutls-devel mailing list