[EMAIL PROTECTED] wrote:
Nils,
The basic succession of calls are as follows. I think the program waits
for an ssl_read or ssl_write to implicitly trigger the handshake process.
meth = TLSv1_client_method()
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
SSL_CTX_new(meth);
ssl = SSL_new( ctx );
sbio = BIO_new_socket( sock, BIO_NOCLOSE );
SSL_set_bio( ssl, sbio, sbio );
SSL_set_connect_state( ssl );
iSslInitStatus = SSL_in_init( ssl );
After that, the only API calls are ssl_read(), ssl_write() and an
occasional SSL_pending( ssl ).
well, if no location for the certs is explicitly set the certificates
in $OPENSSL_DIR/certs/ and the cert in $OPENSSL_DIR/cert.pem are used
(if present). The value of OPENSSLDIR is defined in opensslconf.h
(or type "openssl version -a").
As you already wrote that there are no certificates on your disk
it would be interessting to know if the functions for cert verification
are modified in your openssl version (possible to a engine for
cert validation).
Cheers,
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
