fix ssl3_pending

[oweals/openssl.git] / ssl / ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 05fa9eef3498b65497a73870839e2e467e92eb40..27d3564630086ec3f9ded7d00506a40d01e807e4 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -358,6 +358,7 @@ typedef struct ssl_method_st
  *     Cipher                  OCTET_STRING,   -- the 3 byte cipher ID
  *     Session_ID              OCTET_STRING,   -- the Session ID
  *     Master_key              OCTET_STRING,   -- the master key
+ *     KRB5_principal          OCTET_STRING    -- optional Kerberos principal
  *     Key_Arg [ 0 ] IMPLICIT  OCTET_STRING,   -- the optional Key argument
  *     Time [ 1 ] EXPLICIT     INTEGER,        -- optional Start Time
  *     Timeout [ 2 ] EXPLICIT  INTEGER,        -- optional Timeout ins seconds
@@ -607,8 +608,10 @@ struct ssl_ctx_st
        int references;
 
        /* if defined, these override the X509_verify_cert() calls */
-       int (*app_verify_callback)();
-       char *app_verify_arg; /* never used; should be void * */
+       int (*app_verify_callback)(X509_STORE_CTX *, void *);
+       void *app_verify_arg;
+       /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
+        * ('app_verify_callback' was called with just one argument) */
 
        /* Default password callback. */
        pem_password_cb *default_passwd_callback;
@@ -1232,7 +1235,7 @@ int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
 void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
                        int (*callback)(int, X509_STORE_CTX *));
 void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(),char *arg);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
 #ifndef OPENSSL_NO_RSA
 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
 #endif