Hey guys, I am currently working on an openssl backend for glib and I got to a point where I am blocked and maybe you can help me understand what I am doing wrong. First of all the source code can be found here: https://github.com/nice-software/glib-networking/tree/wip/openssl The problem is the next, on one of our unit tests we require a specific authentication, meaning that I endup calling SSL_set_verify, as you can see here: https://github.com/nice-software/glib-networking/blob/wip/openssl/tls/openssl/gtlsserverconnection-openssl.c#L127 This should make the server require the client to send the certificate but for some reason this certificate is never sent and I endup having an error when handshaking. I was reading that I can just simply set the certificate callback as I do here: https://github.com/nice-software/glib-networking/blob/wip/openssl/tls/openssl/gtlsclientconnection-openssl.c#L437 This callback gets called and I set the certificate but adding some debugging on openssl's code I see I keep getting that the server does not get the certificate. Here is a extract of the printfs I added to the openssl code. Any ideas? server, accept server, get client hello: 1 server, send server hello: 1 server, send server cert: 1 server, send cert request: 1 connect1 get server hello: 1 get key exchange: 1 get cert request: 1 get server done: 1 do client cert cb: 1 do client cert cb2: 1 do client cert cb4: 1 do client cert cb do write send client cert: 1 send client key exchange: 1 send client verify: 1 change cipher spec: 1 send finished: 1 server, check client hello: 1 server, get client cert: -1 server, accept2: -1 finish not ok get finsihed: 0 connect2: 0 Cheers. -- Ignacio Casal Quinteiro -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150824/6e017dc6/attachment.html>
