[Mono-dev] Status of SslStream?

Sebastien Pouliot sebastien.pouliot at gmail.com
Fri Aug 11 08:56:21 EDT 2006

Hello Kasper,

On Fri, 2006-08-11 at 14:15 +0200, Kasper F. Brandt wrote:
> Hi
> I'm working on a project which uses SslStream, and i noticed that it's 
> only implemented as a stub in mono. 

Yes. The current best (i.e. easiest & working) approach is to depend on
Ssl[Client|Server]Stream in Mono.Security.dll for both 1.x and 2.0
application (which will work on both Linux and Windows, including on the
MS runtime).

> After looking through the mailing 
> list archive i discovered that Carlos was working on it a year ago ( 
> http://lists.ximian.com/pipermail/mono-devel-list/2005-August/013991.html )

Carlos did a lot of work on this. Sadly we had to fix a number of issues
in the original code and that greatly affected the complexity of
maintaining such a large patch.

> It doesn't really seems like anything has happened since then. Is 
> anybody working on it right now?

Most work is indirect but the plan hasn't changed.

The current code has some issues(*) that we want to fix in the current
implementation before moving it to SslStream (i.e. priority to bug
fixing and 1.x support over 2.0).

	(*) but much fewer than last year :)

Larger issues, like easier testing and reworked async support, will come
into the SslStream rewrite itself. At some point (post 2.0) Ssl[Client|
Server]Stream will be deprecated inside Mono.Security.dll.

> I don't think it would be very difficult to implement it as a 
> SslServerStream/SslClientStream wrapper. 

Maybe but it won't be pretty. You'll be mixing (and converting) fx 1.x
classes, Mono.Security classes and 2.0 classes.

> So if nobody else is working on it I think I will implement it as such.

Feel free to try your approach (you may want to get in touch with Carlos
before starting it). This may get us a (temporary) step forward in
functionality and I'm sure many people would appreciate that.

However I'm unsure we'll want to support an extra level of hack into the
final (and supported) Mono 2.0 release. SSL debugging is hard enough
today, so I prefer investing time into simplifying the code and process.

Sebastien Pouliot  <sebastien at ximian.com>
Blog: http://pages.infinit.net/ctech/

More information about the Mono-devel-list mailing list