Add 'void *' argument to app_verify_callback.
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
diff --git a/CHANGES b/CHANGES
index 223d889..77185b7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -43,6 +43,22 @@
*) applies to 0.9.6a ... 0.9.6d and 0.9.7
+) applies to 0.9.7 only
+ +) Fix the 'app_verify_callback' interface so that the user-defined
+ argument is actually passed to the callback: In the
+ SSL_CTX_set_cert_verify_callback() prototype, the callback
+ declaration has been changed from
+ int (*cb)()
+ into
+ int (*cb)(X509_STORE_CTX *,void *);
+ in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
+ i=s->ctx->app_verify_callback(&ctx)
+ has been changed into
+ i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
+
+ To update applications using SSL_CTX_set_cert_verify_callback(),
+ a dummy argument can be added to their callback functions.
+ [D. K. Smetters <smetters@parc.xerox.com>]
+
+) Added the '4758cca' ENGINE to support IBM 4758 cards.
[Maurice Gittens <maurice@gittens.nl>, touchups by Geoff Thorpe]
diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c
index f79076a..25aedb9 100644
--- a/demos/easy_tls/easy-tls.c
+++ b/demos/easy_tls/easy-tls.c
@@ -1,7 +1,7 @@
/* -*- Mode: C; c-file-style: "bsd" -*- */
/*
* easy-tls.c -- generic TLS proxy.
- * $Id: easy-tls.c,v 1.2 2001/09/24 07:54:09 bodo Exp $
+ * $Id: easy-tls.c,v 1.3 2002/02/28 10:52:01 bodo Exp $
*/
/*
(c) Copyright 1999 Bodo Moeller. All rights reserved.
@@ -73,7 +73,7 @@
*/
static char const rcsid[] =
-"$Id: easy-tls.c,v 1.2 2001/09/24 07:54:09 bodo Exp $";
+"$Id: easy-tls.c,v 1.3 2002/02/28 10:52:01 bodo Exp $";
#include <assert.h>
#include <errno.h>
@@ -568,7 +568,7 @@
}
static int
-verify_dont_fail_cb(X509_STORE_CTX *c)
+verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg)
{
int i;
diff --git a/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
index 723fc14..c0f4f85 100644
--- a/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
+++ b/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
@@ -8,38 +8,36 @@
#include <openssl/ssl.h>
- void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(),
- char *arg);
- int (*callback)();
+ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *,void *), void *arg);
=head1 DESCRIPTION
SSL_CTX_set_cert_verify_callback() sets the verification callback function for
-B<ctx>. SSL objects, that are created from B<ctx> inherit the setting valid at
-the time, L<SSL_new(3)|SSL_new(3)> is called. B<arg> is currently ignored.
+I<ctx>. SSL objects that are created from I<ctx> inherit the setting valid at
+the time when L<SSL_new(3)|SSL_new(3)> is called.
=head1 NOTES
Whenever a certificate is verified during a SSL/TLS handshake, a verification
function is called. If the application does not explicitly specify a
verification callback function, the built-in verification function is used.
-If a verification callback B<callback> is specified via
+If a verification callback I<callback> is specified via
SSL_CTX_set_cert_verify_callback(), the supplied callback function is called
-instead. By setting B<callback> to NULL, the default behaviour is restored.
+instead. By setting I<callback> to NULL, the default behaviour is restored.
-When the verification must be performed, B<callback> will be called with
-the argument callback(X509_STORE_CTX *x509_store_ctx). The arguments B<arg>
-that can be specified when setting B<callback> are currently ignored.
+When the verification must be performed, I<callback> will be called with
+the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The
+argument I<arg> is specified by the application when setting I<callback>.
-B<callback> should return 1 to indicate verification success and 0 to
-indicate verification failure. If SSL_VERIFY_PEER is set and B<callback>
+I<callback> should return 1 to indicate verification success and 0 to
+indicate verification failure. If SSL_VERIFY_PEER is set and I<callback>
returns 0, the handshake will fail. As the verification procedure may
allow to continue the connection in case of failure (by always returning 1)
the verification result must be set in any case using the B<error>
-member of B<x509_store_ctx>, so that the calling application will be informed
+member of I<x509_store_ctx> so that the calling application will be informed
about the detailed result of the verification procedure!
-Within B<x509_store_ctx>, B<callback> has access to the B<verify_callback>
+Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
function set using L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
=head1 WARNINGS
@@ -56,12 +54,6 @@
=head1 BUGS
-It is possible to specify arguments to be passed to the verification callback.
-Currently they are however not passed but ignored.
-
-The B<callback> function is not specified via a prototype, so that no
-type checking takes place.
-
=head1 RETURN VALUES
SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.
@@ -72,4 +64,12 @@
L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+=head1 HISTORY
+
+Previous to OpenSSL 0.9.7, the I<arg> argument to B<SSL_CTX_set_cert_verify_callback>
+was ignored, and I<callback> was called simply as
+ int (*callback)(X509_STORE_CTX *)
+To compile software written for previous versions of OpenSSL, a dummy
+argument will have to be added to I<callback>.
+
=cut
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 05fa9ee..af4a7e8 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -607,8 +607,10 @@
int references;
/* if defined, these override the X509_verify_cert() calls */
- int (*app_verify_callback)();
- char *app_verify_arg; /* never used; should be void * */
+ int (*app_verify_callback)(X509_STORE_CTX *, void *);
+ void *app_verify_arg;
+ /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
+ * ('app_verify_callback' was called with just one argument) */
/* Default password callback. */
pem_password_cb *default_passwd_callback;
@@ -1232,7 +1234,7 @@
void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
int (*callback)(int, X509_STORE_CTX *));
void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(),char *arg);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
#ifndef OPENSSL_NO_RSA
int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
#endif
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index d785847..1a873d2 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -483,7 +483,11 @@
X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
if (s->ctx->app_verify_callback != NULL)
+#if 1 /* new with OpenSSL 0.9.7 */
+ i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
+#else
i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
+#endif
else
{
#ifndef OPENSSL_NO_X509_VERIFY
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index eaf1abd..df307a8 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1443,15 +1443,10 @@
ctx->default_passwd_callback_userdata=u;
}
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg)
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
{
- /* now
- * int (*cb)(X509_STORE_CTX *),
- * but should be
- * int (*cb)(X509_STORE_CTX *, void *arg)
- */
ctx->app_verify_callback=cb;
- ctx->app_verify_arg=arg; /* never used */
+ ctx->app_verify_arg=arg;
}
void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 7d6b53e..2ef9ae7 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -158,6 +158,10 @@
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
static void free_tmp_rsa(void);
#endif
+static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
+#define APP_CALLBACK "Test Callback Argument"
+static char *app_verify_arg = APP_CALLBACK;
+
#ifndef OPENSSL_NO_DH
static DH *get_dh512(void);
static DH *get_dh1024(void);
@@ -336,6 +340,7 @@
int tls1=0,ssl2=0,ssl3=0,ret=1;
int client_auth=0;
int server_auth=0,i;
+ int app_verify=0;
char *server_cert=TEST_SERVER_CERT;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
@@ -489,6 +494,10 @@
{
comp = COMP_RLE;
}
+ else if (strcmp(*argv,"-app_verify") == 0)
+ {
+ app_verify = 1;
+ }
else
{
fprintf(stderr,"unknown option %s\n",*argv);
@@ -640,12 +649,20 @@
SSL_CTX_set_verify(s_ctx,
SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
+ if (app_verify)
+ {
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
+ }
}
if (server_auth)
{
BIO_printf(bio_err,"server authentication\n");
SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
verify_callback);
+ if (app_verify)
+ {
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
+ }
}
{
@@ -1433,6 +1450,25 @@
return(ok);
}
+static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
+ {
+ char *s = NULL,buf[256];
+ int ok=1;
+
+ fprintf(stderr, "In app_verify_callback, allowing cert. ");
+ fprintf(stderr, "Arg is: %s\n", (char *)arg);
+ fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
+ (unsigned int)ctx, (unsigned int)ctx->cert);
+ if (ctx->cert)
+ s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
+ if (s != NULL)
+ {
+ fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
+ }
+
+ return(ok);
+ }
+
#ifndef OPENSSL_NO_RSA
static RSA *rsa_tmp=NULL;
diff --git a/test/testssl b/test/testssl
index 3ca5c80..ba5e41c 100644
--- a/test/testssl
+++ b/test/testssl
@@ -116,6 +116,9 @@
echo test sslv2/sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+
#############################################################################
echo test tls1 with 1024bit anonymous DH, multiple handshakes
