On Tue, Nov 15, 2011, Tobias Nissen wrote: > Hi, > > I'm indirectly using OpenSSL through Net::SSLeay¹, which I use through > AnyEvent::TLS². AnyEvent::TLS provides the means to define a custom > verification mechanism by setting verify_cb³. Here's an example (keys > included): > > http://paste.scsys.co.uk/159837 > > If the custom verification callback decides a peer is bad, it shall > return 0 and return 1 otherwise. If 0 is returned, this warning is > produced: > > ssl3_get_client_certificate: no certificate returned > > It's only a warning which does not seem to impair functionality; no > warning is printed if 1 is returned. > > I've already asked on the AnyEvent mailing list???, but the author of > AnyEvent::TLS couldn't really nail it down either. Can you help me? > Why is this warning printed and what could be done to eliminate the > problem? >
The warning isn't printed by OpenSSL it is an error code. So perhaps the wrapper is printing the error? I don't know about that wrapper but you should set a verify return code using SSL_set_verify_result() and if you want it to fail if no certificate is returned you should also include the flag SSL_VERIFY_FAIL_IF_NO_PEER_CERT Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org