table of contents
other versions
- wheezy 4.2-1
- wheezy-backports 5.6-3~bpo70+1
- jessie 5.6-3
- testing 5.13-1
- unstable 5.13-1
| Callback Functions(3) | globus gsi callback | Callback Functions(3) |
NAME¶
Callback Functions -Typedefs¶
typedef int(* globus_gsi_extension_callback_t )(globus_gsi_callback_data_t callback_data, X509_EXTENSION *extension)
Get callback data index from X509_STORE¶
globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int *index)
Get callback data index from SSL structure¶
globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int *index)
Certificate verify wrapper¶
int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX *context, void *arg)
Independent path validation callback.¶
int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX *x509_context)
SSL path validation callback.¶
int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX *x509_context)
OpenSSL X509_check_issued() wrapper¶
int globus_gsi_callback_check_issued (X509_STORE_CTX *context, X509 *cert, X509 *issuer)
Detailed Description¶
Functions that plug into various plug points in the OpenSSL path validation mechanism.Typedef Documentation¶
typedef int(* globus_gsi_extension_callback_t)(globus_gsi_callback_data_t callback_data, X509_EXTENSION *extension)¶
Typedef for a callback that may be registered for dealing with unhandled X.509 extension.Function Documentation¶
globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int *index)¶
Retrieve or create the index for our callback data structure in the X509_STORE. Parameters:index Will contain the index upon
return
Returns:
GLOBUS_SUCCESS unless an error occurred, in
which case, a globus error object ID is returned
globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int *index)¶
Retrieve or create the index for our callback data structure in the SSL structure. Parameters:index Will contain the index upon
return
Returns:
GLOBUS_SUCCESS unless an error occurred, in
which case, a globus error object ID is returned
int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX *context, void *arg)¶
This function wraps the OpenSSL certificate verification callback for the purpose of a replacing the standard issuer check with one that deals with proxy certificates. Should be used with SSL_CTX_set_cert_verify_callback() Parameters:context The X509_STORE_CTX for which to
register the callback.
arg Arguments to the callback. Currently ignored.
Returns:
1 on success 0 on failure
int globus_gsi_callback_create_proxy_callback (intpreverify_ok, X509_STORE_CTX *x509_context)¶
This function provides a path validation callback for validation outside of a SSL session. It should be used in X509_STORE_set_verify_cb_func(). Parameters:preverify_ok Communicates the result of
default validation steps performed by OpenSSL
x509_context The validation state object
Returns:
1 on success 0 on failure
int globus_gsi_callback_handshake_callback (intpreverify_ok, X509_STORE_CTX *x509_context)¶
This function provides a path validation callback for the validation part of establishing a SSL session. It handles proxy certificates, X509 Extensions and CRL checking. It should be used in SSL_CTX_set_verify(). Parameters:preverify_ok Communicates the result of
default validation steps performed by OpenSSL
x509_context The validation state object.
Returns:
1 on success 0 on failure
int globus_gsi_callback_check_issued (X509_STORE_CTX *context, X509 *cert, X509 *issuer)¶
This function wraps the OpenSSL X509_check_issued() call and catches the error caused by the fact that a proxy certificate issuer may not have to have the correct KeyUsage fields set. Parameters:context The validation state object.
cert The certificate to check
issuer The issuer certificate to check
Returns:
1 on success 0 on failure
Author¶
Generated automatically by Doxygen for globus gsi callback from the source code.| Mon Apr 30 2012 | Version 4.2 |