Re: preliminary SSL client
Brought to you by:
tyranny
Menu
▾
▴
Re: preliminary SSL client
|
From: Alexey M. <al...@hs...> - 2001-08-26 18:21:23
|
>>>>> "m" == minyard <mi...@ac...> writes:
m> Ok, I've looked through the code, and I see you are not doing any
m> certificate verification. I believe you have to add a call to:
m> SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); on the context
m> before doing anything.
Whoa! 'Twas all my fault. Basically the patch is:
while (len > 0) {
int n = SSL_read(ssl, buf + nread, len);
- long ssl_err = SSL_get_error(ssl, nread);
+ long ssl_err = SSL_get_error(ssl, n);
if (ssl_err == SSL_ERROR_ZERO_RETURN)
break;
It passes simple tests with stunnelled cvs pserver. More details to
follow.
--alexm
|
