[OPENSSL-USERS] More about SSL-MZTelnet

Tue, 25 May 1999 03:22:51 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi to all of you,

Well... I'm back with more SSL-MZTelnet problems. As you know I'm trying to
use SSLeay and SSL-MZTelnet to create a client authetication method using
certificates in a TELNET environment.

I've been trying some more options and now I've got a big question that I
hope you can answer me.

In all of my test I can't passover the password authentication, so I've
been studying source code. On lib/libtelnet/ssl.c, I've found a function
'auth_ssl_status', This look for a subject name on /etc/ssl.users in order
to authenticate the client, but It only do it if 'auth_ssl_name' is
diferent from NULL. The value of this var is give it on
'server_verify_callback' (at same module).

'server_verify_callback' is only used on ''auth_ssl_is', where it do a
'SSL_set_verify', It assigns itself to a field of a SSL struct. 

When I try to find where it is used (doing a greep over all source tree) I
can't found where it is... So.. the source code that is responsible about
client authentication without password is never executed... �?�?

I've seen an older SSLeay version (without Client authentication) and I've
seen that 'server_verify_callback' is called 'verify_callback'. May be...
when you pass to SSLv3 you forget to change some function references (?)

Anyone can help me? 

Thanks a lot, and please sorry for my poor english...

                                        Paco


- ---------------------------------------------------------------------------
O O O     Paco Orozco - [EMAIL PROTECTED]
O O O     Edifici Vertex - Soterrani 1
O O O     Serveis Inform�tics Generals
U P C      Universitat Polit�cnica de Catalunya.
               ICQ#: 14366596
- ---------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2i

iQA/AwUBN0p3CpnrIbaIrtsjEQL3PACfRdraEWkfky7gscqYT9rNB/6RG3wAnRCR
C4XGY112CTlHuz8daRAi+uk3
=rJEj
-----END PGP SIGNATURE-----

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to