Re: [openssl-users] SSL_shutdown:shutdown while in init

On 18/10/2017 11:14, Matt Caswell wrote: On 17/10/17 21:27, Chris Bare wrote: I have the following code: setup_ssl (char *server_name, char *port, SSL_CTX *ctx) {     BIO *output = BIO_new_ssl_connect (ctx);     if (!output)     {         return (NULL);     }     BIO_get_ssl (output, );

Re: [openssl-users] CRL signature verification

➢ I was more talking about the parsing. Currently I have 40 LOC [1] to Look at X509_get1_ocsp which is in crypto/x509v3/v3_utl.c That’s in 1.0.2 and later ➢ > X509_CRL_verify. And yes, looking through to find the serial# is what you have to do. ➢ That's 1.1-specific, correct?

Re: [openssl-users] CRL signature verification

Hi Rich, On 18-10-17 17:46, Salz, Rich via openssl-users wrote: > ➢ I used libcrypto to parse out the OCSP URL from the certificate validate > it against a whitelist of valid OCSP URLs, send an OCSP request and > validate the response and its signature against a custom certificate >

Re: [openssl-users] Where is mttest.c?

In message <131801d34857$50fe15e0$f2fa41a0$@mcn.org> on Wed, 18 Oct 2017 14:23:18 -0700, "Charles Mills" said: charlesm> Sorry – OpenSSL is not what I do every day. charlesm> charlesm> I see in the man pages a reference to crypto/threads/mttest.c. That's the 1.0.2 manpages,