<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I got that book.... that's what I've been working with.<br>
<br>
It looks like there have been some internal changes in OpenSSL and
this is no longer "appropriate" to use as null dereferences may
occur (well, ok, maybe a bit more than "may") :-)<br>
<br>
Got some ideas here, thanks... I think I'm pointed in the right
direction.<br>
<br>
<div class="moz-cite-prefix">On 1/10/2016 21:19, Judson Wilson
wrote:<br>
</div>
<blockquote
cite="mid:CAB=4g8L5HL8bsyMBk6XyYPrbLftCutFxRwyitDtfso3yGu1QSQ@mail.gmail.com"
type="cite">
<div dir="ltr">I think what you want might be found in the book
"Network Security with OpenSSL" from the year 2002, and the same
code snippit can be found here:
<div><br>
<a moz-do-not-send="true"
href="http://www.cs.odu.edu/%7Ecs772/ssl/c-examples/NSopenssl/common.c">http://www.cs.odu.edu/~cs772/ssl/c-examples/NSopenssl/common.c</a><br>
</div>
<div><br>
</div>
<div>look for "post_connection_check".</div>
<div><br>
</div>
<div>This is just something I remember from reading. I have no
experience with it.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Sun, Jan 10, 2016 at 7:07 PM, Karl
Denninger <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:karl@denninger.net" target="_blank">karl@denninger.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Yeah, now I just have
to figure out how to parse the X509 Extension data from
the certificate to pull out the SubjectAltName
information.... :-)<br>
<br>
There wouldn't be a snippet of code laying around
somewhere that does that given a X509 cert as input would
there? It looks a bit arcane....<span class=""><br>
<br>
<div>On 1/10/2016 21:04, Judson Wilson wrote:<br>
</div>
</span>
<blockquote type="cite"><span class="">
<div dir="ltr">It's always good to start with the
s_client and s_server programs for incrementally
verifying compatibility in your new programs. Those
would have failed on your certificates, alerting you
it's not a program problem.</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0
0 .8ex;border-left:1px #ccc
solid;padding-left:1ex"><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
</span><span class="">
<pre>_______________________________________________
openssl-users mailing list
To unsubscribe: <a moz-do-not-send="true" href="https://mta.openssl.org/mailman/listinfo/openssl-users" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a>
</pre>
</span></blockquote>
<span class=""> <br>
<div>-- <br>
Karl Denninger<br>
<a moz-do-not-send="true"
href="mailto:karl@denninger.net" target="_blank">karl@denninger.net</a><br>
<i>The Market Ticker</i><br>
<font size="-2"><i>[S/MIME encrypted email preferred]</i></font>
</div>
</span></div>
<br>
_______________________________________________<br>
openssl-users mailing list<br>
To unsubscribe: <a moz-do-not-send="true"
href="https://mta.openssl.org/mailman/listinfo/openssl-users"
rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
openssl-users mailing list
To unsubscribe: <a class="moz-txt-link-freetext" href="https://mta.openssl.org/mailman/listinfo/openssl-users">https://mta.openssl.org/mailman/listinfo/openssl-users</a>
</pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
Karl Denninger<br>
<a href="mailto:karl@denninger.net">karl@denninger.net</a><br>
<i>The Market Ticker</i><br>
<font size="-2"><i>[S/MIME encrypted email preferred]</i></font>
</div>
</body>
</html>