add user ctx to verify callback with CyaSSL_SetCertCbCtx

pull/1/head
toddouska 2013-04-18 10:37:10 -07:00
parent 729fc1e603
commit d665e16bd8
4 changed files with 15 additions and 0 deletions


@ -1616,6 +1616,7 @@ struct CYASSL {
Arrays* arrays;
CYASSL_SESSION session;
VerifyCallback verifyCallback; /* cert verification callback */
void* verifyCbCtx; /* cert verify callback user ctx*/
#ifndef NO_RSA
RsaKey* peerRsaKey;
byte peerRsaKeyPresent;


@ -138,6 +138,7 @@ typedef struct CYASSL_X509_STORE_CTX {
CYASSL_X509* current_cert; /* stunnel dereference */
char* domain; /* subject CN domain name */
void* ex_data; /* external data, for fortress build */
void* userCtx; /* user ctx */
int error; /* current error */
int error_depth; /* cert depth for this error */
int discardSessionCerts; /* so verify callback can flag for discard */
@ -224,6 +225,7 @@ typedef int (*pem_password_cb)(char*, int, int, void*);
CYASSL_API void CyaSSL_CTX_set_verify(CYASSL_CTX*, int,
VerifyCallback verify_callback);
CYASSL_API void CyaSSL_set_verify(CYASSL*, int, VerifyCallback verify_callback);
CYASSL_API void CyaSSL_SetCertCbCtx(CYASSL*, void*);
CYASSL_API int CyaSSL_pending(CYASSL*);
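Review bot: The new prototype `CyaSSL_SetCertCbCtx(CYASSL*, void*)` says nothing about who owns the pointer or how long it must remain valid. From the other hunks on this page the library stores the raw pointer on the session and later copies it into `store.userCtx` when the peer certificate is processed, so a context that is freed or goes out of scope before the handshake completes would reach the verify callback as a dangling pointer. I would document that on the declaration, e.g. `/* ctx is stored as-is, not copied; caller keeps it valid while ssl can still handshake */`, and name the parameters (`CYASSL* ssl, void* ctx`). The `userCtx` field comment could also state that it is the value set through CyaSSL_SetCertCbCtx and may be NULL.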


@ -1281,6 +1281,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->peerRsaKeyPresent = 0;
#endif
ssl->verifyCallback = ctx->verifyCallback;
ssl->verifyCbCtx = NULL;
ssl->options.side = ctx->method->side;
ssl->options.downgrade = ctx->method->downgrade;
ssl->error = 0;
@ -3109,6 +3110,7 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
store.error_depth = totalCerts;
store.discardSessionCerts = 0;
store.domain = domain;
store.userCtx = ssl->verifyCbCtx;
#ifdef KEEP_PEER_CERT
store.current_cert = &ssl->peerCert;
#else
@ -3146,6 +3148,7 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
store.error_depth = totalCerts;
store.discardSessionCerts = 0;
store.domain = domain;
store.userCtx = ssl->verifyCbCtx;
store.current_cert = &ssl->peerCert;
store.ex_data = ssl;
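Review bot: InitSSL inherits `verifyCallback` from the CYASSL_CTX but always starts `ssl->verifyCbCtx` at NULL, so a callback installed once with CyaSSL_CTX_set_verify sees `store.userCtx == NULL` on every session where CyaSSL_SetCertCbCtx was never called. A callback written to dereference userCtx unconditionally would fault in the middle of certificate verification. A comment at the assignment would make that contract visible, e.g. `ssl->verifyCbCtx = NULL; /* per-session only, not inherited from ctx; callback must handle NULL */`. Both DoCertificate hunks copy the pointer the same way, and the bodies of InitSSL and DoCertificate extend beyond the hunks shown here.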


@ -2460,6 +2460,15 @@ void CyaSSL_set_verify(CYASSL* ssl, int mode, VerifyCallback vc)
}
/* store user ctx for verify callback */
void CyaSSL_SetCertCbCtx(CYASSL* ssl, void* ctx)
{
CYASSL_ENTER("CyaSSL_SetCertCbCtx");
if (ssl)
ssl->verifyCbCtx = ctx;
}
/* store context CA Cache addition callback */
void CyaSSL_CTX_SetCACb(CYASSL_CTX* ctx, CallbackCACache cb)
{