[Mono-dev] Status of SslStream?

Kasper F. Brandt kasper at aulomen.dk
Fri Aug 11 11:08:34 EDT 2006 

Thank for the answers. After i have looked at Carlos's code I think it 
would be a waste of time to write a SslClientStream/SslServerStream 
wrapper as a temporary solution. I guess it would be of more help if I 
helped getting the implementation Carlos is working on done.
> Hello Kasper,
>
> On Fri, 2006-08-11 at 14:15 +0200, Kasper F. Brandt wrote:
>   
>> Hi
>> I'm working on a project which uses SslStream, and i noticed that it's 
>> only implemented as a stub in mono. 
>>     
>
> Yes. The current best (i.e. easiest & working) approach is to depend on
> Ssl[Client|Server]Stream in Mono.Security.dll for both 1.x and 2.0
> application (which will work on both Linux and Windows, including on the
> MS runtime).
>
>   
>> After looking through the mailing 
>> list archive i discovered that Carlos was working on it a year ago ( 
>> http://lists.ximian.com/pipermail/mono-devel-list/2005-August/013991.html )
>>     
>
> Carlos did a lot of work on this. Sadly we had to fix a number of issues
> in the original code and that greatly affected the complexity of
> maintaining such a large patch.
>
>   
>> It doesn't really seems like anything has happened since then. Is 
>> anybody working on it right now?
>>     
>
> Most work is indirect but the plan hasn't changed.
>
> The current code has some issues(*) that we want to fix in the current
> implementation before moving it to SslStream (i.e. priority to bug
> fixing and 1.x support over 2.0).
>
> 	(*) but much fewer than last year :)
>
> Larger issues, like easier testing and reworked async support, will come
> into the SslStream rewrite itself. At some point (post 2.0) Ssl[Client|
> Server]Stream will be deprecated inside Mono.Security.dll.
>
>   
>> I don't think it would be very difficult to implement it as a 
>> SslServerStream/SslClientStream wrapper. 
>>     
>
> Maybe but it won't be pretty. You'll be mixing (and converting) fx 1.x
> classes, Mono.Security classes and 2.0 classes.
>
>   
>> So if nobody else is working on it I think I will implement it as such.
>>     
>
> Feel free to try your approach (you may want to get in touch with Carlos
> before starting it). This may get us a (temporary) step forward in
> functionality and I'm sure many people would appreciate that.
>
> However I'm unsure we'll want to support an extra level of hack into the
> final (and supported) Mono 2.0 release. SSL debugging is hard enough
> today, so I prefer investing time into simplifying the code and process.
>
>

More information about the Mono-devel-list mailing list