A question about OpenSSL, hoping the experts here can answer

Time:09-26

Here is the situation: I have run into a problem. On the server I call SSL_CTX_set_verify(ctx, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL) to check whether the client has a certificate. When this method works normally, if the client does not give the server a certificate the communication should fail, but in actual use that is not what happens.
Part of the code is as follows; could the experts please take a look at it for me.
int err;
int listen_sd;
int sd;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
size_t client_len;
SSL_CTX *ctx;
SSL *ssl;
X509 *client_cert;
char *str;
char buf[4096];
SSL_METHOD *meth;
WSADATA wsaData;

if (WSAStartup(MAKEWORD(1, 1), &wsaData))
{
    exit(1);
}
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
meth = SSLv23_server_method();
ctx = SSL_CTX_new(meth);
if (!ctx) {
    ERR_print_errors_fp(stderr);
    exit(2);
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
    ERR_print_errors_fp(stderr);
    exit(3);
}
if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
    ERR_print_errors_fp(stderr);
    exit(4);
}
if (!SSL_CTX_check_private_key(ctx)) {
    fprintf(stderr, "Private key does not match the certificate public key\n");
    exit(5);
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);

listen_sd = socket(AF_INET, SOCK_STREAM, 0);
CHK_ERR(listen_sd, "socket");
memset(&sa_serv, '\0', sizeof(sa_serv));
sa_serv.sin_family = AF_INET;
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons(8443);