Phil Burgard <[EMAIL PROTECTED]>:
> I decided to test between machines and realized that
> the client is not checking the hostname of the server against the contents
> of the server certificate for validation. I say that because the verify
> callback provides a value of 1 (OK) coming in to the function. My
> understanding was that this check was inherent in server certificate
> authentication.
No, it's not -- but applications can, of course, check the peer's
hostname if the SSL library tells them that the certificate itself is
acceptable. The SSL library does not care about host names.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
