wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add wolfSSL_CTX_SetCertCbCtx to set user context for CB

Browse Source
This commit is contained in:
Eric Blankenhorn
2022-03-30 12:14:16 -05:00
parent 366f159fbb
commit ea38e1aab5
5 changed files with 53 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
doc/dox_comments/header_files/ssl.h
View File

@ -2614,6 +2614,35 @@ WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callbac
*/ */
WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*); WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*);
/*!
\ingroup CertsKeys
\brief This function stores user CTX object information for verify callback.
\return none No return.
\param ctx a pointer to a WOLFSSL_CTX structure.
\param userCtx a void pointer that is used to set WOLFSSL_CTX structures
verifyCbCtx members value.
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
void* userCtx = NULL; // Assign some user defined context
...
if(ctx != NULL){
wolfSSL_SetCertCbCtx(ctx, userCtx);
} else {
// Error case, the SSL is not initialized properly.
}
\endcode
\sa wolfSSL_CTX_save_cert_cache
\sa wolfSSL_CTX_restore_cert_cache
\sa wolfSSL_CTX_set_verify
*/
WOLFSSL_API void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX*, void*);
/*! /*!
\ingroup IO \ingroup IO

14
src/internal.c
View File

@ -11293,7 +11293,19 @@ int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl, int ret,
store->error_depth = args->certIdx; store->error_depth = args->certIdx;
store->discardSessionCerts = 0; store->discardSessionCerts = 0;
store->domain = domain; store->domain = domain;
store->userCtx = (ssl != NULL) ? ssl->verifyCbCtx : cm; if (ssl != NULL) {
if (ssl->verifyCbCtx != NULL) {
/* Use the WOLFSSL user context if set */
store->userCtx = ssl->verifyCbCtx;
}
else {
/* Else use the WOLFSSL_CTX user context */
store->userCtx = ssl->ctx->verifyCbCtx;
}
}
else {
store->userCtx = cm;
}
store->certs = args->certs; store->certs = args->certs;
store->totalCerts = args->totalCerts; store->totalCerts = args->totalCerts;
#if defined(HAVE_EX_DATA) && \ #if defined(HAVE_EX_DATA) && \

9
src/ssl.c
View File

@ -12572,6 +12572,15 @@ void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx)
} }
/* store user ctx for verify callback */
void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx)
{
WOLFSSL_ENTER("wolfSSL_CTX_SetCertCbCtx");
if (ctx)
ctx->verifyCbCtx = userCtx;
}
/* store context CA Cache addition callback */ /* store context CA Cache addition callback */
void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb) void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb)
{ {

1
wolfssl/internal.h
View File

@ -2905,6 +2905,7 @@ struct WOLFSSL_CTX {
CallbackSetPeer CBSetPeer; CallbackSetPeer CBSetPeer;
#endif #endif
VerifyCallback verifyCallback; /* cert verification callback */ VerifyCallback verifyCallback; /* cert verification callback */
void* verifyCbCtx; /* cert verify callback user ctx*/
#ifdef OPENSSL_ALL #ifdef OPENSSL_ALL
CertVerifyCallback verifyCertCb; CertVerifyCallback verifyCertCb;
void* verifyCertCbArg; void* verifyCertCbArg;

1
wolfssl/ssl.h
View File

@ -1199,6 +1199,7 @@ WOLFSSL_API int wolfSSL_set_post_handshake_auth(WOLFSSL* ssl, int val);
#endif #endif
WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx); WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_pending(WOLFSSL* ssl); WOLFSSL_ABI WOLFSSL_API int wolfSSL_pending(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_has_pending(const WOLFSSL* ssl); WOLFSSL_API int wolfSSL_has_pending(const WOLFSSL* ssl);