I got that book.... that's what I've been working with. It looks like there have been some internal changes in OpenSSL and this is no longer "appropriate" to use as null dereferences may occur (well, ok, maybe a bit more than "may") :-) Got some ideas here, thanks... I think I'm pointed in the right direction. On 1/10/2016 21:19, Judson Wilson wrote: > I think what you want might be found in the book "Network Security > with OpenSSL" from the year 2002, and the same code snippit can be > found here: > > http://www.cs.odu.edu/~cs772/ssl/c-examples/NSopenssl/common.c > <http://www.cs.odu.edu/%7Ecs772/ssl/c-examples/NSopenssl/common.c> > > look for "post_connection_check". > > This is just something I remember from reading. I have no experience > with it. > > On Sun, Jan 10, 2016 at 7:07 PM, Karl Denninger <karl at denninger.net > <mailto:karl at denninger.net>> wrote: > > Yeah, now I just have to figure out how to parse the X509 > Extension data from the certificate to pull out the SubjectAltName > information.... :-) > > There wouldn't be a snippet of code laying around somewhere that > does that given a X509 cert as input would there? It looks a bit > arcane.... > > On 1/10/2016 21:04, Judson Wilson wrote: >> It's always good to start with the s_client and s_server programs >> for incrementally verifying compatibility in your new programs. >> Those would have failed on your certificates, alerting you it's >> not a program problem. >> >> >> >> >> >> >> _______________________________________________ >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- > Karl Denninger > karl at denninger.net <mailto:karl at denninger.net> > /The Market Ticker/ > /[S/MIME encrypted email preferred]/ > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Karl Denninger karl at denninger.net <mailto:karl at denninger.net> /The Market Ticker/ /[S/MIME encrypted email preferred]/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160110/0c6ec63b/attachment-0001.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2996 bytes Desc: S/MIME Cryptographic Signature URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160110/0c6ec63b/attachment-0001.bin>