Asked a bit too soon it seems, I just found the PeerCert.VerifyResult,
which is 0 if authentication is OK.
If some can confirm this is indeed the trick that would be great.
Merijn
On 12/06/2015 15:58, Merijn Bosma wrote:
Hi all,
I'm currently setting up a connection using OpenSSL for the first time.
Things are going well, but I'm unsure when I can conclude (on server
side) that a client is fully authenticated.
I'm looking into the OnClientConnected, OnClientDisconnected and
OnSSLHandshakeDone events.
For a client with a valid certificate (which connects and
authenticates fine), I see this order of events:
15:51:33.918 - client connected ip: 127.0.0.1 (0)
15:51:34.518 - SSL handshake done: 127.0.0.1
Which looks great. However, for a client which does not have a valid
certificate I see this order of events:
15:53:26.534 - client connected ip: 127.0.0.1 (0)
15:53:27.118 - SSL handshake done: 127.0.0.1
15:53:27.121 - client disconnected ip: 127.0.0.1 (10053)
Even though the client isn't authenticated yet, I already get an SSL
handshake done event.
I suspect I need to inspect the PeerCert argument which is supplied in
the OnSSLHandshakeDone event to see if authentication went ok, but I'm
not sure what to look for.
Or is there an other event I can use?
Hope someone can advise.
Thanks in advance,
Merijn
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be