Actually, I take that back, it does get called whether the chain passes or fails. However, it still crashes horribly when ok is altered. Any clues?
Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of steve thornton Sent: 26 June 2003 09:53 To: [EMAIL PROTECTED] Subject: Problem with X509_set_verify() Hi folks, I've been trying to use X509_set_verify() and an associated callback function to allow me to override the standard verification if necessary. According to the O'Reilly OpenSSL book, this function gets called on every connection, and allows the callback to alter the ok value, thus allowing the application to override. However, when I look at the source code, I notice that this is not true, as the callback is made only if the verification fails. Furthermore, if the application alters the return value to true (thus overriding the failure) then everything crashes in flames (at least on my embedded platform). While I am hunting for the bug, can anybody confirm any of the above? Is anybody aware of this behaviour? Thanks for your time Steve ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
