On Tue, Oct 20, 2009 at 10:11:46AM +0200, Peter Sylvester wrote: > > A better question is to match a given hostname > against a certificate and determine whether it > obeys the https rules. > There can be multiple hostnames and wild cards. > > The code implemented by "curl" is a complete way to do this.
This code only handles the NUL byte issue in the latest 7.19.6 release, so don't copy the code from earlier versions. It does not support subjectAltName extensions. Otherwise, it is indeed essentially what is required. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org