[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    PATCH: HTTP ioslave port to TCPSlaveBase
From:       Dawit Alemayehu <adawit () kde ! org>
Date:       2001-07-03 3:55:54
[Download RAW message or body]

Hi,

Here is a link to a first run patch (rather large to post here) that attempts to 
port kio_http to use TCPSlaveBase:

http://users.starpower.net/adawit/kde2/patches/httpport.tgz

This patch fixes:

1.) Security concerns regarding fake certificates being accepted without a
warning the end user, i.e. no certificate verification ?? See the recent thread 
on this subject in kfm-devel

2.) SSL tunneling finally works!!  Yeah!!!  This means SSL over authenticating
proxies works with this io-slave.  Not only that the changes in tcpslavebase.*
enables any inheriting io-slave to do SSLTunneling with very little work.

3.) But most of all no more kio_https!!!!  R.I.P.  Now kio_http does it all.


I have also made some changes/additions to TCPSlaveBase to allow for 
SSLTunneling etc.  See the header documentation once you apply the
patch.


Known problems with patch:

1.) When connecting to SSL sites you get a constant warning about IP
address of certificate not matching IP address of the site.  George how
does this get fixed ?  I remember you saying something about you needing
to do somethings once io-slaves were ported over to TCPSlaveBase.

2.) The "Lock" in konqy does not get activated even though the connection
is actually secure.  This probably fails under the same issues as #1 since 
everything that had to do with SSL has completely been ripped out of the 
http io-slave :)

Anyways, comments, feedback, problem reports, flames etc... are all welcome...

Regards,
Dawit A.

[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic