mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00

- Added verification callback in certificate verification chain in order to allow external blacklisting

Paul Bakker
2011-01-13 17:54:59 +00:00
parent 1b57b06751
commit b63b0afc05
8 changed files with 104 additions and 38 deletions


@ -1404,7 +1404,8 @@ int ssl_parse_certificate( ssl_context *ssl )
}
ret = x509parse_verify( ssl->peer_cert, ssl->ca_chain, ssl->ca_crl,
ssl->peer_cn, &ssl->verify_result );
ssl->peer_cn, &ssl->verify_result,
ssl->f_vrfy, ssl->p_vrfy );
if( ret != 0 )
SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
@ -1725,6 +1726,14 @@ void ssl_set_authmode( ssl_context *ssl, int authmode )
ssl->authmode = authmode;
}
void ssl_set_verify( ssl_context *ssl,
int (*f_vrfy)(void *, x509_cert *, int, int),
void *p_vrfy )
{
ssl->f_vrfy = f_vrfy;
ssl->p_vrfy = p_vrfy;
}
void ssl_set_rng( ssl_context *ssl,
int (*f_rng)(void *),
void *p_rng )
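Review bot: The new `ssl_set_verify` setter has no comment stating the contract of `f_vrfy`: nothing here says what its two `int` arguments carry or how its return value affects the verification result. This hook lets an application override or veto chain verification, so a misread return convention could silently accept a certificate that should be rejected. A header comment should pin it down, for example `/* f_vrfy(p_vrfy, crt, <meaning of int 1>, <meaning of int 2>): returns <value that keeps the result> / <value that fails verification> */`, filled in from `x509parse_verify`. In the first hunk `ssl->f_vrfy` and `ssl->p_vrfy` are passed to `x509parse_verify` unconditionally, so that function presumably has to treat a NULL callback as "not set" when `ssl_set_verify` was never called; neither that check nor the initialisation of the two fields is visible on this page. `ssl_parse_certificate` and `ssl_set_rng` both extend beyond the lines shown.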