Re: preliminary SSL client
Brought to you by:
tyranny
Menu
▾
▴
Re: preliminary SSL client
|
From: Alexey M. <al...@hs...> - 2001-08-25 22:02:34
|
>>>>> "m" == minyard <mi...@ac...> writes: m> Ok, I've looked through the code, and I see you are not doing any m> certificate verification. I believe you have to add a call to: m> SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); on the context m> before doing anything. Ah, thanks, I'll try that. m> However, I didn't see any server code in your stuff, so I assume m> you are using my server for this? No, I decided very long ago to do the first minimal implementation of SSLified server with a help from stunnel, so only the client needs actual SSL code inside. I think that's going to be rather useful setup anyways. However, this scheme allows only server certificates verification. There is a demand for client certificate verification (w/o the login/password at all), and that will be implemented too some day (and would require minimal changes in client code, I believe). --alexm |
