On Wed, Nov 29, 2017 at 1:54 PM, Viktor Dukhovni <openssl-us...@dukhovni.org > wrote:
> On Wed, Nov 29, 2017 at 09:56:35AM +0100, Jan Just Keijser wrote: > > > Try adding this to the verify_callback > > > > > > static int verify_callback(int ok, X509_STORE_CTX *ctx) > > { > > X509 *cert = NULL; > > char *cert_DN = NULL; > > > > printf("ok = %d\n", ok); > > cert = X509_STORE_CTX_get_current_cert(ctx); > > cert_DN = X509_NAME_oneline( X509_get_subject_name( cert ), NULL, 0 > ); > > printf( "cert DN: %s\n", cert_DN); > > > > } > > You've left out the final "return ok;", and there's a new memory > leak. Closer would be: > > static int verify_callback(int ok, X509_STORE_CTX *ctx) > { > X509 *cert = NULL; > char *cert_DN = NULL; > > printf("ok = %d\n", ok); > cert = X509_STORE_CTX_get_current_cert(ctx); > cert_DN = X509_NAME_oneline( X509_get_subject_name( cert ), NULL, > 0 ); > printf( "cert DN: %s\n", cert_DN); > > OPENSSL_free(cert_DN); > return ok; > } > > With that code I've got this: > ok = 0 > cert DN: /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd > Handshake Error 1 > I can't really understand why this is happen since I'm creating the certificates with the right way (at least I guess I'm doing this in the right way). Thanks for your help. Kind regards.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users