Ssl::VerifyCallbackParameters Class Reference

#include <support.h>

Collaboration diagram for Ssl::VerifyCallbackParameters:

Static Public Member Functions

static VerifyCallbackParametersNew (Security::Connection &)
static VerifyCallbackParametersAt (Security::Connection &)
static VerifyCallbackParametersFind (Security::Connection &)

Public Attributes

bool callerHandlesMissingCertificates = false
bool hidMissingIssuer = false

Detailed Description

OpenSSL "verify_callback function" input/output parameters. This information cannot be passed through the verification API directly, so it is aggregated in this class and exchanged via ssl_ex_index_verify_callback_parameters. For OpenSSL validation callback details, see OpenSSL_vcb_disambiguation.

Definition at line 339 of file support.h.

Member Function Documentation

◆ At()

Ssl::VerifyCallbackParameters & Ssl::VerifyCallbackParameters::At ( Security::Connection sconn)
the VerifyCallbackParameters object previously attached via New()

Definition at line 551 of file

References Must.

Referenced by Security::PeerConnector::handleMissingCertificates(), and Security::PeerConnector::negotiate().

◆ Find()

Ssl::VerifyCallbackParameters * Ssl::VerifyCallbackParameters::Find ( Security::Connection sconn)
the VerifyCallbackParameters object previously attached via New() or nil

Definition at line 533 of file

References ssl_ex_index_verify_callback_parameters.

Referenced by ssl_verify_cb().

◆ New()

Ssl::VerifyCallbackParameters * Ssl::VerifyCallbackParameters::New ( Security::Connection sconn)

creates a VerifyCallbackParameters object and adds it to the given TLS connection

the successfully created and added object

Definition at line 539 of file

References Here, Must, and ssl_ex_index_verify_callback_parameters.

Referenced by Security::PeerConnector::initialize().

Member Data Documentation

◆ callerHandlesMissingCertificates

bool Ssl::VerifyCallbackParameters::callerHandlesMissingCertificates = false

whether X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY should be cleared (after setting hidMissingIssuer) because the validation initiator wants to get the missing certificates and redo the validation with them

Definition at line 356 of file support.h.

Referenced by Security::PeerConnector::handleMissingCertificates().

◆ hidMissingIssuer

bool Ssl::VerifyCallbackParameters::hidMissingIssuer = false

whether certificate validation has failed due to missing certificate(s) (i.e. X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY), but the failure was cleared/hidden due to true callerHandlesMissingCertificates setting; the certificate chain has to be deemed untrusted until revalidation (if any)

Definition at line 364 of file support.h.

The documentation for this class was generated from the following files:






Web Site Translations