On 5/21/2019 4:53 AM, Chethan Kumar wrote:
Why do you want the specific IP address? If the other end is behind a NAT device or similar (or a full-blown proxy) then that address is not meaningful in the context of actual identification as to the source of the communication.Thanks for the information.I researched more and found that tlsext_hostname member variable in SSL structure can be used to to get host name. If applications set this using SSL_set_tlsext_host_name(), is it correct to print hostname/IP in tlsext_hostname. Can I use this one to set hostname/Ip address.? Can applications acting as both server and client set this? Thanks in advance, Chethan Kumar
Better, if it is necessary to know who you're talking to, is for the client to present a certificate which the server can then verify as to validity and provenance; the client, of course, by definition has same capability against the server so it can verify that the server it thinks it is talking to is actually the one it's communicating with.
-- -- Karl Denninger /The Market-Ticker/ S/MIME Email accepted and preferred
smime.p7s
Description: S/MIME Cryptographic Signature
