You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficserver.apache.org by pa...@apache.org on 2018/03/05 22:34:00 UTC

[trafficserver] branch master updated: Add declaration of ssl_verify_client_callback

This is an automated email from the ASF dual-hosted git repository.

paziz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 8fbe879  Add declaration of ssl_verify_client_callback
8fbe879 is described below

commit 8fbe87975d3f0a4e10a9874577571fb269492318
Author: Persia Aziz <pe...@yahoo-inc.com>
AuthorDate: Mon Mar 5 11:13:23 2018 -0600

    Add declaration of ssl_verify_client_callback
---
 iocore/net/SSLUtils.cc | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index e7cd113..74dd5c9 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -392,6 +392,18 @@ done:
   return retval;
 }
 
+// Callback function for verifying client certificate
+int
+ssl_verify_client_callback(int preverify_ok, X509_STORE_CTX *ctx)
+{
+  Debug("ssl", "Callback: verify client cert");
+  auto *ssl                = static_cast<SSL *>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
+  SSLNetVConnection *netvc = SSLNetVCAccess(ssl);
+
+  netvc->callHooks(TS_EVENT_SSL_VERIFY_CLIENT);
+  return SSL_TLSEXT_ERR_OK;
+}
+
 // Use the certificate callback for openssl 1.0.2 and greater
 // otherwise use the SNI callback
 #if TS_USE_CERT_CB
@@ -427,17 +439,6 @@ ssl_cert_callback(SSL *ssl, void * /*arg*/)
   return retval;
 }
 
-static int
-ssl_verify_client_callback(int preverify_ok, X509_STORE_CTX *ctx)
-{
-  Debug("ssl", "ssl verify callback");
-  auto *ssl                = static_cast<SSL *>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
-  SSLNetVConnection *netvc = SSLNetVCAccess(ssl);
-
-  netvc->callHooks(TS_EVENT_SSL_VERIFY_CLIENT);
-  return SSL_TLSEXT_ERR_OK;
-}
-
 /*
  * Cannot stop this callback. Always reeneabled
  */

-- 
To stop receiving notification emails like this one, please contact
paziz@apache.org.