Re: [Libevent-users] evhttp and TLS hostname validation

[Nick Mathewson <nickm@xxxxxxxxxxxxx>]

On Sat, Dec 8, 2012 at 6:03 AM, Patrick Pelletier <ppelletier@xxxxxxxxxx> wrote:

> However, it's not clear to me how to work the validation function
> (validate_hostname) into evhttp's control flow.  It seems that I would need
> to call validate_hostname after the TLS handshake occurs, but before evhttp
> starts transferring data.  But, I don't know how to get evhttp to hand over
> control to me at that time, so I can call validate_hostname.

I might be missing something, but have you looked at
SSL_CTX_set_verify and SSL_CTX_set_verify_callback? It would appear
that openssl lets you pass it a function to be used to help validating
certificates.

yrs,
-- 
Nick
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users    in the body.