generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add 'void *' argument to app_verify_callback.

Browse Source 
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
This commit is contained in:
Bodo Möller
2002-02-28 10:55:52 +00:00
parent 6d1a837df7
commit 48781ef7f7
8 changed files with 89 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
ssl/ssltest.c
View File

@@ -158,6 +158,10 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
static void free_tmp_rsa(void);
#endif
static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
#define APP_CALLBACK "Test Callback Argument"
static char *app_verify_arg = APP_CALLBACK;
#ifndef OPENSSL_NO_DH
static DH *get_dh512(void);
static DH *get_dh1024(void);
@@ -336,6 +340,7 @@ int main(int argc, char *argv[])
int tls1=0,ssl2=0,ssl3=0,ret=1;
int client_auth=0;
int server_auth=0,i;
int app_verify=0;
char *server_cert=TEST_SERVER_CERT;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
@@ -489,6 +494,10 @@ int main(int argc, char *argv[])
{
comp = COMP_RLE;
}
else if (strcmp(*argv,"-app_verify") == 0)
{
app_verify = 1;
}
else
{
fprintf(stderr,"unknown option %s\n",*argv);
@@ -640,12 +649,20 @@ bad:
SSL_CTX_set_verify(s_ctx,
SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
if (app_verify)
{
SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
}
}
if (server_auth)
{
BIO_printf(bio_err,"server authentication\n");
SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
verify_callback);
if (app_verify)
{
SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
}
}
{
@@ -1433,6 +1450,25 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
return(ok);
}
static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
{
char *s = NULL,buf[256];
int ok=1;
fprintf(stderr, "In app_verify_callback, allowing cert. ");
fprintf(stderr, "Arg is: %s\n", (char *)arg);
fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
(unsigned int)ctx, (unsigned int)ctx->cert);
if (ctx->cert)
s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
if (s != NULL)
{
fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
}
return(ok);
}
#ifndef OPENSSL_NO_RSA
static RSA *rsa_tmp=NULL;