Ssl::VerifyCallbackParameters Class Reference

#include <support.h>

Collaboration diagram for Ssl::VerifyCallbackParameters:

Static Public Member Functions

static VerifyCallbackParametersNew (Security::Connection &)
 
static VerifyCallbackParametersAt (Security::Connection &)
 
static VerifyCallbackParametersFind (Security::Connection &)
 

Public Attributes

bool callerHandlesMissingCertificates = false
 
bool hidMissingIssuer = false
 

Detailed Description

OpenSSL "verify_callback function" input/output parameters. This information cannot be passed through the verification API directly, so it is aggregated in this class and exchanged via ssl_ex_index_verify_callback_parameters. For OpenSSL validation callback details, see OpenSSL_vcb_disambiguation.

Definition at line 339 of file support.h.

Member Function Documentation

◆ At()

Ssl::VerifyCallbackParameters & Ssl::VerifyCallbackParameters::At ( Security::Connection sconn)
static
Returns
the VerifyCallbackParameters object previously attached via New()

Definition at line 554 of file support.cc.

References Must.

Referenced by Security::PeerConnector::handleMissingCertificates(), and Security::PeerConnector::negotiate().

◆ Find()

Ssl::VerifyCallbackParameters * Ssl::VerifyCallbackParameters::Find ( Security::Connection sconn)
static
Returns
the VerifyCallbackParameters object previously attached via New() or nil

Definition at line 536 of file support.cc.

References ssl_ex_index_verify_callback_parameters.

Referenced by ssl_verify_cb().

◆ New()

Ssl::VerifyCallbackParameters * Ssl::VerifyCallbackParameters::New ( Security::Connection sconn)
static

creates a VerifyCallbackParameters object and adds it to the given TLS connection

Returns
the successfully created and added object

Definition at line 542 of file support.cc.

References Here, Must, and ssl_ex_index_verify_callback_parameters.

Referenced by Security::PeerConnector::initialize().

Member Data Documentation

◆ callerHandlesMissingCertificates

bool Ssl::VerifyCallbackParameters::callerHandlesMissingCertificates = false

whether X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY should be cleared (after setting hidMissingIssuer) because the validation initiator wants to get the missing certificates and redo the validation with them

Definition at line 356 of file support.h.

Referenced by Security::PeerConnector::handleMissingCertificates().

◆ hidMissingIssuer

bool Ssl::VerifyCallbackParameters::hidMissingIssuer = false

whether certificate validation has failed due to missing certificate(s) (i.e. X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY), but the failure was cleared/hidden due to true callerHandlesMissingCertificates setting; the certificate chain has to be deemed untrusted until revalidation (if any)

Definition at line 364 of file support.h.


The documentation for this class was generated from the following files:

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors