On Wed, Nov 29, 2017 at 1:54 PM, Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote:
On Wed, Nov 29, 2017 at 09:56:35AM +0100, Jan Just Keijser wrote:
> Try adding this to the verify_callback
>
>
> static int verify_callback(int ok, X509_STORE_CTX *ctx)
> {
> X509 *cert = NULL;
> char *cert_DN = NULL;
>
> printf("ok = %d\n", ok);
> cert = X509_STORE_CTX_get_current_cert(ctx); You've left out the final "return ok;", and there's a new memory
> cert_DN = X509_NAME_oneline( X509_get_subject_name( cert ), NULL, 0 );
> printf( "cert DN: %s\n", cert_DN);
>
> }
leak. Closer would be:
static int verify_callback(int ok, X509_STORE_CTX *ctx)
{
X509 *cert = NULL;
char *cert_DN = NULL;
printf("ok = %d\n", ok);
cert = X509_STORE_CTX_get_current_cert(ctx); OPENSSL_free(cert_DN);
cert_DN = X509_NAME_oneline( X509_get_subject_name( cert ), NULL, 0 );
printf( "cert DN: %s\n", cert_DN);
return ok;
}
With that code I've got this:
ok = 0
cert DN: /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
Handshake Error 1
I can't really understand why this is happen since I'm creating the certificates with the right way (at least I guess I'm doing this in the right way).
Thanks for your help.
Kind regards.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
