Changes between 0.9.6b and 0.9.6c [XX xxx XXXX]
+ *) Modified SSL library such that the verify_callback that has been set
+ specificly for an SSL object with SSL_set_verify() is actually being
+ used. Before the change, a verify_callback set with this function was
+ ignored and the verify_callback() set in the SSL_CTX at the time of
+ the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
+ to allow the necessary settings.
+ [Lutz Jaenicke]
+
*) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
explicitely to NULL, as at least on Solaris 8 this seems not always to be
done automatically (in contradiction to the requirements of the C
int purpose, int trust);
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags);
void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t);
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ int (*verify_cb)(int, X509_STORE_CTX *));
#ifdef __cplusplus
}
X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
+ X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
+
if (s->ctx->app_verify_callback != NULL)
i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
else
{
ctx->verify_mode=mode;
ctx->default_verify_callback=cb;
- /* This needs cleaning up EAY EAY EAY */
- X509_STORE_set_verify_cb_func(ctx->cert_store,cb);
}
void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
projects / oweals / openssl.git / commitdiff