- Original Message -
From: Bodo Moeller <[EMAIL PROTECTED]>
To: Claus Assmann <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, November 17, 1999 9:37 AM
Subject: Re: client authentication (SSL_CTX_set_verify)
> On Tue, Nov 16, 1999 at 08:08:21PM -0800
On Tue, Nov 16, 1999 at 08:08:21PM -0800, Claus Assmann wrote:
> Thanks for the notification. A related question:
> If the callback always returns 1, does
> SSL_get_verify_result()
> nevertheless return the correct value?
> i.e., X509_V_OK iff the certificate could be verified?
Yes, if the appli
On Tue, Nov 16, 1999, Bodo Moeller wrote:
> On Sun, Aug 08, 1999 at 03:05:26PM +, Bodo Moeller wrote:
> > Claus Assmann <[EMAIL PROTECTED]>:
> >> how do I correctly set the verify_mode? Reading the code,
> >> SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_PEER seem to be useful for
> >> my purpose (tr
On Sun, Aug 08, 1999 at 03:05:26PM +, Bodo Moeller wrote:
> Claus Assmann <[EMAIL PROTECTED]>:
[...]
>> how do I correctly set the verify_mode? Reading the code,
>> SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_PEER seem to be useful for
>> my purpose (try to verify the client, but don't fail).
[...]
On Sun, Aug 08, 1999 at 06:24:04PM -0700, Claus Assmann wrote:
> I use some slightly different code
> than your example which worked for my tests:
>
> init:
> SSL_CTX_set_verify(ctx, SSL_VERIFY_CLIENT_ONCE | SSL_VERIFY_PEER, verify_cb);
>
> static int verify_cb(int
On Sun, Aug 08, 1999, Bodo Moeller wrote:
> Claus Assmann <[EMAIL PROTECTED]>:
> >>> Question: is there some simple way to find out whether the client
> >>> has been authenticated? I registered a callback with SSL_CTX_set_verify,
> >>> but I don't completely understand it...
Thanks again for you
Bodo Moeller <[EMAIL PROTECTED]>:
[...]
> SSL_CTX_set_cert_verify_callback takes two arguments, the second of
> which is never used. Obviously the idea was the second one would be
> passed to the callback -- this will likely be done so in OpenSSL
> 0.9.5. All your callback has to do is call X50
Claus Assmann <[EMAIL PROTECTED]>:
>>> Question: is there some simple way to find out whether the client
>>> has been authenticated? I registered a callback with SSL_CTX_set_verify,
>>> but I don't completely understand it...
>> Do you have to use a callback? You can use SSL_get_verify_result
>
On Thu, Aug 05, 1999 at 01:28:56PM -0700, Claus Assmann wrote:
> Question: is there some simple way to find out whether the client
> has been authenticated? I registered a callback with SSL_CTX_set_verify,
> but I don't completely understand it...
Do you have to use a callback? You can use SSL_
Question: is there some simple way to find out whether the client
has been authenticated? I registered a callback with SSL_CTX_set_verify,
but I don't completely understand it...
I need this information in my application which makes certain
decisions based on it (e.g. allow different operations).
10 matches
Mail list logo