I have an unusual problem - I'm writing a "connection server" kind of 
application and to make a long story short, I have a number of pending outgoing 
ssl connections and I need to look at the certificate which each presents to 
determine how to handle the connection.

With that in mind I use the SSL_set_verify() to set a callback to examine the 
presented certificate i.e.

void SSL_set_verify(SSL *s, int mode,
                     int (*verify_callback)(int, X509_STORE_CTX *));

Unfortunately there is no opportunity to provide a user argument to match up a 
presented certificate with its corresponding pending connection - the callback 
presents only the preverify result and the context store which I can use to 
retrieve the certificate. 

(For the incoming facing connection I used 
SSL_CTX_set_tlsext_servername_callback(..) for which 
SSL_CTX_set_tlsext_servername_arg(...) provides a user argument which works 
great.)

Any suggestions on how to get around this problem?

(Did I mention that I'm doing this in boost?  That shouldn't have any bearing 
on the solution though.)

---
Nou Dadoun
ndad...@teradici.com
604-628-1215 

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
