Re: [EXTERNAL] Re: Alternative for structure opaque X509 & X509_STORE_CTX

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



   
Hi Matt

   The return type of ctx->verify_cb(0,  ctx) is int and the return type of  X509_STORE_get_verify_cb()       is X509_STORE_CTX_verify_cb in this case how do i match/replace
    int ok=1;
    ok = ctx->verify_cb(0,  ctx);

    X509_STORE_CTX_verify_cb verify_cb;
    verify_cb = X509_STORE_get_verify_cb(ctx);

Thanks
Shiva kumar


From: Matt Caswell <matt@xxxxxxxxxxx>
Sent: Friday, October 8, 2021 8:41 PM
To: Shivakumar Poojari <Shivakumar.Poojari@xxxxxxxx>; openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx>
Cc: Paramashivaiah, Sunil <Sunil.Paramashivaiah@xxxxxxxx>; Kumar Mishra, Sanjeev <Sanjeev.Kumar-Mishra@xxxxxxxx>; Bhattacharjee, Debapriyo (c) <dbhattacharjee@xxxxxxxx>
Subject: Re: [EXTERNAL] Re: Alternative for structure opaque X509 & X509_STORE_CTX
 


On 08/10/2021 11:07, Shivakumar Poojari wrote:
> HI Matt,
>
> For below error i tried your suggestion but return type are different,
> so facing issue in replacing, remaining suggestion are worked absolutely
> fine
>>
>> error: invalid use  of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>           ok = ctx->verify_cb(0,  ctx);
>
> X509_STORE_get_verify_cb()
>

I'm not sure what you mean by the return types are different
X509_STORE_get_verify_cb, is declared as follows:

     X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(const X509_STORE
*ctx);

Where X509_STORE_CTX_verify_cb is declared as:

     typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);

So, this code is equivalent to your original code above:

     X509_STORE_CTX_verify_cb verify_cb;

     verify_cb = X509_STORE_get_verify_cb(ctx);
     ok = verify_cb(0, ctx);

Matt


> please suggest.
>
> Thanks,
> shivakumar
> ------------------------------------------------------------------------
> *From:* Matt Caswell <matt@xxxxxxxxxxx>
> *Sent:* Tuesday, October 5, 2021 1:20 PM
> *To:* Shivakumar Poojari <Shivakumar.Poojari@xxxxxxxx>;
> openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx>
> *Cc:* Paramashivaiah, Sunil <Sunil.Paramashivaiah@xxxxxxxx>; Kumar
> Mishra, Sanjeev <Sanjeev.Kumar-Mishra@xxxxxxxx>; Bhattacharjee,
> Debapriyo (c) <dbhattacharjee@xxxxxxxx>
> *Subject:* [EXTERNAL] Re: Alternative for structure opaque X509 &
> X509_STORE_CTX
>
>
> On 05/10/2021 05:24, Shivakumar Poojari wrote:
>> :error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
>>       if (x->ocsp && x->ocsp->ocsp_url)
>
> Strangely there is no ocsp field in an x509_st even in 1.0.2 that I can see.
>
>
>>
>> :error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
>>           if(cert->sig_alg)
>>
>> :types.h:157:16: note: forward declaration of 'X509' {aka 'struct x509_st'}
>>   typedef struct x509_st X509;
>>
>> error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
>>               sigAlg = OBJ_obj2nid((cert)->sig_alg->algorithm);
>
>
> sig_alg is an X509_ALGOR structure which you get can using
> X509_get0_signature().
>
>>
>>   error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       x = ctx->cert;
>
> X509_STORE_CTX_get_current_cert()
>
>>              ^~
>> types.h:165:16: note: forward declaration of 'X509_STORE_CTX' {aka
>> 'struct x509_store_ctx_st'}
>>   typedef struct x509_store_ctx_st X509_STORE_CTX;
>>                  ^~~~~~~~~~~~~~~~~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       ctx->current_cert = x;
>
> X509_STORE_CTX_set_current_cert()
>
>>          ^~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       ctx->current_issuer = NULL;
>>          ^~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       ctx->current_crl_score = 0;
>>          ^~
>>
>> types.h:165:16: note: forward declaration of 'X509_STORE_CTX' {aka
>> 'struct x509_store_ctx_st'}
>>   typedef struct x509_store_ctx_st X509_STORE_CTX;
>>                  ^~~~~~~~~~~~~~~~~
>>
>> types.h:165:16: note: forward declaration of 'X509_STORE_CTX' {aka
>> 'struct x509_store_ctx_st'}
>>   typedef struct x509_store_ctx_st X509_STORE_CTX;
>>                  ^~~~~~~~~~~~~~~~~
>> /sonus/p4/ws/spoojari/openssl3/marlin/SIPCM/sipCmOpenSSL.c:3268:8:
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       ctx->current_reasons = 0;
>
>
>
> These fields can't be set individually. You have to reset the whole
> X509_STORE_CTX, e.g. via X509_STORE_CTX_init.
>
>
>>          ^~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       ctx->error = 0;
>
>
> X509_STORE_CTX_set_error()
>
>>          ^~
>> error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
>>               if (px->ocsp && (px->ocsp->ocsp_validate ==
>> X509_OCSP_VALIDATE_DISABLED))
>>                     ^~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>           if (!ctx->ctx->ocsp_process_responder)
>>                   ^~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>       store = ctx->ctx;
>>
>
> Use X509_STORE_CTX_get0_store() to get ctx->ctx. I can't find the field
> "ocsp_process_responder"
>
>
>                    ^~
>>
>> error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct
>> x509_store_ctx_st'}
>>           ok = ctx->verify_cb(0, ctx);
>
> X509_STORE_get_verify_cb()
>
>
>>                   ^~
>> Getting above error in the code, Please provide the document that which
>> function i can use to resolve this errors.
>>
>> Thanks,
>> Shiva kumar
>>
>> Notice: This e-mail together with any attachments may contain
>> information of Ribbon Communications Inc. and its Affiliates that is
>> confidential and/or proprietary for the sole use of the intended
>> recipient. Any review, disclosure, reliance or distribution by others or
>> forwarding without express permission is strictly prohibited. If you are
>> not the intended recipient, please notify the sender immediately and
>> then delete all copies, including any attachments.
>
> Notice: This e-mail together with any attachments may contain
> information of Ribbon Communications Inc. and its Affiliates that is
> confidential and/or proprietary for the sole use of the intended
> recipient. Any review, disclosure, reliance or distribution by others or
> forwarding without express permission is strictly prohibited. If you are
> not the intended recipient, please notify the sender immediately and
> then delete all copies, including any attachments.

Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux