On Wed, Dec 18, 2013 at 02:59:58PM +0900, Kazu Yamamoto wrote:
HsOpenSSL doesn't have bindings for the needed functions (SSL_CTX_set_tlsext_servername_callback() / SSL_get_servername()) and the tls library (which I am personally reluctant to use for "crypto is hard to do right and you really want to use widely-audited code" reasons) doesn't seem to have an implementation yet either. OpenSSL support seems to be the easier nut to crack there.
[snip]
Then, I will tackle TLS stuff. If necessary, I will write bindings to OpenSSL.
I admire your courage of writing an OpenSSL binding. I hope you know what sort of library the "enterprise grade" OpenSSL actually is. Last time I checked there was zero documentation, there seems to be a wiki now. In case you plan to read the source code, make sure you wear a helmet. We definitely do not want you to sustain head injuries while banging your head. Regards ppk