I tested it under RedHat Linux 6.2 and Windows 9x. It worked for me :-}
The RAND_??? functions is to make sure that there is a sufficients
source of random numbers for generating the random session keys for SSL.
The functions with "verify" in them is there to tell the server or
client where the public keys and the CA's public keys are for verifying
the other's keys. Those keys and the symbolic links associated with them
is pretty important.
Robert Sandilands
Albert Serra wrote:
>
> Does it work?
>
> Because what exact commands do you have to add if you want client
> authentication on serv.cpp and cli.cpp?
>
> I have tried it following the code I have found on sslcli.cpp and
> sslsrv.cpp and it doen't work. If somenone wants to help me, (I work
> on a Sun WS) , what is the mean of RAND_load_file and
> RAND_set_rand_method and if SSL_CTX_SET_verify is only to verify or
> something else
>
> thanks
>
> ciao
>
> Robert Sandilands wrote:
>
> > I did post the sources. This time I'll post some url's.
> >
> > http://www.aquasecurity.com/protect/other/sslcli.cpp
> > http://www.aquasecurity.com/protect/other/sslsrv.cpp
> >
> > Hope it helps.
> >
> > Robert Sandilands
> >
> > Lutz Jaenicke wrote:
> > >
> > > Hi Robert,
> > >
> > > not even one month ago we had a discussion about client
> > certificate
> > > verification on OpenSSL-Users.
> > > As you might guess, the topic is back...
> > >
> > > In the older thread (that seems to be difficult to find in the
> > archives
> > > for any reason whatsoever), you offered to post your modified
> > sources:
> > > ...If there is interest
> > > I'll post a modified demos/ssl/cli.cpp and demos/ssl/serv.cpp that
> >
> > > compiles under both Linux and Windoze and where this feature
> > works.
> > >
> > > I think, it is now time to publish your code :-)
> > >
> > > Whould you kindly put up your code somewhere and post the
> > location?
> > > I have not seen it and it is up to the members of the OpenSSL core
> >
> > > team to have a look into your work, but maybe it can be used to
> > > replace/enhance the examples in the package...
> > >
> > > On Thu, Jun 29, 2000 at 02:47:01PM +0200, Emre A. Binisik wrote:
> > > >
> > > > I'd like to know the answer and I havent found the mails
> > > > after I ckecked the keyword in my mail folder.
> > > >
> > > > On Thu, 29 Jun 2000, Lutz Jaenicke wrote:
> > > > > This topic has been discussed recently on this list.
> > > > > Please check the mailing list archives for the following
> > keywords:
> > > > > SSL_CTX_set_verify() [or SSL_set_verify()] and/or
> > > > > SSL_VERIFY_PEER, SSL_VERIFY_CLIENT_ONCE (all uppercase).
> > >
> > > Best regards and many thanks in advance,
> > > Lutz
> > > --
> > > Lutz Jaenicke
> > [EMAIL PROTECTED]
> > > BTU Cottbus
> > http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> > > Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355
> > 69-4129
> > > Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355
> > 69-4153
> > >
> > ______________________________________________________________________
> >
> > > OpenSSL Project
> > http://www.openssl.org
> > > User Support Mailing List
> > [EMAIL PROTECTED]
> > > Automated List Manager
> > [EMAIL PROTECTED]
> > _____________________
> > ________________________________________________
> > OpenSSL Project
> > http://www.openssl.org
> > User Support Mailing List
> > [EMAIL PROTECTED]
> > Automated List Manager
> > [EMAIL PROTECTED]
>
> --
> Albert SERRA
> ===========================================
> Integrated Systems Laboratory (DE/LSI-EPFL)
> email: [EMAIL PROTECTED]
>
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
