Package: openssl Version: 1.0.1c-4 Severity: important Hello,
I tried to get certificate validation working in an application using OpenSSL. I added to call the verification routine and it rejects invalid certificates all right but forwarding the server connection through local inetd+nc does not produce an error. Looking for working applications I tried openssl s_client and it verifies the hijacked connection too. Is there any example of application using openssl that can correcly verify server certificates at all? Thanks Michal -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (910, 'testing'), (900, 'stable'), (410, 'unstable'), (200, 'experimental'), (150, 'precise-updates'), (150, 'precise-security'), (150, 'precise') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openssl depends on: ii libc6 2.13-35 ii libssl1.0.0 1.0.1c-4 ii zlib1g 1:1.2.7.dfsg-13 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20120623 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
