I have an unusual problem - I'm writing a "connection server" kind of application and to make a long story short, I have a number of pending outgoing ssl connections and I need to look at the certificate which each presents to determine how to handle the connection.
With that in mind I use the SSL_set_verify() to set a callback to examine the presented certificate i.e. void SSL_set_verify(SSL *s, int mode, int (*verify_callback)(int, X509_STORE_CTX *)); Unfortunately there is no opportunity to provide a user argument to match up a presented certificate with its corresponding pending connection - the callback presents only the preverify result and the context store which I can use to retrieve the certificate. (For the incoming facing connection I used SSL_CTX_set_tlsext_servername_callback(..) for which SSL_CTX_set_tlsext_servername_arg(...) provides a user argument which works great.) Any suggestions on how to get around this problem? (Did I mention that I'm doing this in boost? That shouldn't have any bearing on the solution though.) --- Nou Dadoun ndad...@teradici.com 604-628-1215 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org