Re: 1.0.2 to 1.1 migration problem with verify_callback()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In my verify callback (for 1.0.2, mind you), I use X509_STORE_CTX_get_app_data(ctx) to get the SSL* pointer.  X509_STORE_CTX_get_app_data(ctx) is a macro in OpenSSL's "x509_vfy.h" header file that maps to X509_STORE_CTX_get_ex_data(ctx,0) (why doesn't it use SSL_get_ex_data_X509_STORE_CTX_idx() instead of 0?).


Remy Lebeau
Lebeau Software
On 8/5/2019 7:40 AM, Matt Caswell wrote:
From within your callback you can do this to get hold of the SSL object:

SSL *s = (SSL *)X509_STORE_CTX_get_ex_data(ctx,
SSL_get_ex_data_X509_STORE_CTX_idx());

And then this to get hold of the hostname requested:

const char *hostname = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux