Ralf Haferkamp wrote:
In case of certificate verification failures I'd like to include the
verification error message ("certificate has expired", "unable to get
certificate", ...) in the diagnostic errormessage.
For that I need pass the tls_session* as an extra argument to the
TI_session_errmsg functions (for openssl I need the SSL* handle to get the
verification error). Does anyone see a problem with this?
No problem, that's a completely internal API, can change as needed.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/