You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by pa...@apache.org on 2018/03/05 22:34:00 UTC
[trafficserver] branch master updated: Add declaration of
ssl_verify_client_callback
This is an automated email from the ASF dual-hosted git repository.
paziz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 8fbe879 Add declaration of ssl_verify_client_callback
8fbe879 is described below
commit 8fbe87975d3f0a4e10a9874577571fb269492318
Author: Persia Aziz <pe...@yahoo-inc.com>
AuthorDate: Mon Mar 5 11:13:23 2018 -0600
Add declaration of ssl_verify_client_callback
---
iocore/net/SSLUtils.cc | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index e7cd113..74dd5c9 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -392,6 +392,18 @@ done:
return retval;
}
+// Callback function for verifying client certificate
+int
+ssl_verify_client_callback(int preverify_ok, X509_STORE_CTX *ctx)
+{
+ Debug("ssl", "Callback: verify client cert");
+ auto *ssl = static_cast<SSL *>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
+ SSLNetVConnection *netvc = SSLNetVCAccess(ssl);
+
+ netvc->callHooks(TS_EVENT_SSL_VERIFY_CLIENT);
+ return SSL_TLSEXT_ERR_OK;
+}
+
// Use the certificate callback for openssl 1.0.2 and greater
// otherwise use the SNI callback
#if TS_USE_CERT_CB
@@ -427,17 +439,6 @@ ssl_cert_callback(SSL *ssl, void * /*arg*/)
return retval;
}
-static int
-ssl_verify_client_callback(int preverify_ok, X509_STORE_CTX *ctx)
-{
- Debug("ssl", "ssl verify callback");
- auto *ssl = static_cast<SSL *>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
- SSLNetVConnection *netvc = SSLNetVCAccess(ssl);
-
- netvc->callHooks(TS_EVENT_SSL_VERIFY_CLIENT);
- return SSL_TLSEXT_ERR_OK;
-}
-
/*
* Cannot stop this callback. Always reeneabled
*/
--
To stop receiving notification emails like this one, please contact
paziz@apache.org.