Hi folks, I've been trying to use X509_set_verify() and an associated callback function to allow me to override the standard verification if necessary. According to the O'Reilly OpenSSL book, this function gets called on every connection, and allows the callback to alter the ok value, thus allowing the application to override. However, when I look at the source code, I notice that this is not true, as the callback is made only if the verification fails. Furthermore, if the application alters the return value to true (thus overriding the failure) then everything crashes in flames (at least on my embedded platform). While I am hunting for the bug, can anybody confirm any of the above? Is anybody aware of this behaviour?
Thanks for your time Steve ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
