JBYTuna via RT wrote:
When an OpenSSL server built on z/OS is using client verification, the
following error is incurred:
0x140890b2 - error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate returned
From tracing, we found the correct certificate was being returned. We found
the code in crypto/x509/x509_vfy.c will not work in an EBCDIC environment, as
the data is in ASCII. The solution is to translate the ASCII to EBCDIC, prior
to the validation process.
John B. Young
Here's the patch, in diff -u form:
The patch is already contained in "#843: EBCDIC patches for 0.9.7c"
(http://rt.openssl.org/Ticket/Display.html?id=843&user=guest&pass=guest),
which has been updated to 0.9.7j by Jeremy Grieshop. That patch contains
also a second ASCII to EBCDIC conversion after the X509_time_adj in the
region of line 960.
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
