RE: Problem using SSL_set_verify with a callback

Mon, 30 Jul 2001 01:37:09 -0700 

Thanks for the patch. It solved the problem alright.

One problem that I found though:

I am building openssl on Windows NT as a DLL. The SSLeay32 would complain
that X509_STORE_CTX_set_verify_cb is an unresolved symbol.

I added the following line to util/libeay.num:
X509_STORE_CTX_set_verify_cb            2467    EXIST::FUNCTION:

and it solved the problem.

I must admit that I'm not sure what the libeay.num does and if what I did is
OK but at least empirically it works ;-)

Please let me know if the addition to the libeay.num is OK.

Thanks again for your very quick and helpful response,

Ori.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
Sent: Friday, July 27, 2001 8:47 PM
To: [EMAIL PROTECTED]
Subject: Re: Problem using SSL_set_verify with a callback


On Thu, Jul 26, 2001 at 07:00:01PM +0300, Ori Yosefi wrote:
> I've been trying to write a server application that for some resources
> requests a client certificate from the user.
>
> I call SSL_CTX_load_verify_locations and SSL_CTX_set_client_CA_list before
> starting listening on the socket and then analyze the requests and for
some
> requests I call SSL_set_verify with a callback function (with mode
> SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE).
>
> I then call SSL_renegotiate to actually request the certificate.
>
> I see that the connection is indeed renegotiated and that a client
> certificate is requested by the server. I also see that the server
receives
> the client certificate (both through step debugging and through the info
> callback) but my call back function is never called.
...

Could you please apply the attached patch to the openssl-source and test
again?
It should bring the behaviour up to the state of the documentation :-)

Best regards,
        Lutz
--
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to