On Mon, Jul 21, 2003 at 12:12:49PM -0400, Jue (Jacky) Shu wrote: > hi all, > > maybe it is not a SSL question. I want to make post-connection assertion to > prevent man-in-the-middle attack. But I don't know how to get FQDN of the > peer side(Not from peer's certificate, it must be other side's real address). > Is there any socket fucntion to get peer's FQDN? > thank you in advance. > > Jacky
this makes sense for a client connecting to some server. The client use some FQDN (user input? configuration file?) to pass it to DNS and do connect() to the host. So the client could check whether the host respond with that FQDN as the common name of server certificate. hope this helps, Vadim ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
