diff options
author | Geoff Thorpe <geoff@openssl.org> | 2000-11-29 19:22:54 +0000 |
---|---|---|
committer | Geoff Thorpe <geoff@openssl.org> | 2000-11-29 19:22:54 +0000 |
commit | a9376dbff94c9ddd06639264389ae9777bcb2d30 (patch) | |
tree | a32dca3cb3f996d21033758272b09b2b3b8b3aca /demos/tunala/cb.c | |
parent | 14697d9d6d883bd1193c379900ee9102acd27c19 (diff) | |
download | openssl-a9376dbff94c9ddd06639264389ae9777bcb2d30.tar.gz |
More little changes to the tunala demo;
* A little bit of code-cleanup
* Reformat the usage string (not so wide)
* Allow adding an alternative (usually DSA) cert/key pair (a la s_server)
* Allow control over cert-chain verify depth
Diffstat (limited to 'demos/tunala/cb.c')
-rw-r--r-- | demos/tunala/cb.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/demos/tunala/cb.c b/demos/tunala/cb.c index 37a474e37e..4633c0993e 100644 --- a/demos/tunala/cb.c +++ b/demos/tunala/cb.c @@ -7,8 +7,8 @@ static FILE *fp_cb_ssl_info = NULL; static FILE *fp_cb_ssl_verify = NULL; /* Other static rubbish (to mirror s_cb.c where required) */ -static int verify_depth = 10; -static int verify_error = X509_V_OK; +static int int_verify_depth = 10; +static int int_verify_error = X509_V_OK; /* This function is largely borrowed from the one used in OpenSSL's "s_client" * and "s_server" utilities. */ @@ -61,13 +61,10 @@ int cb_ssl_verify(int ok, X509_STORE_CTX *ctx) if(!ok) { fprintf(fp_cb_ssl_verify,"verify error:num=%d:%s\n",err, X509_verify_cert_error_string(err)); - if(verify_depth >= depth) { - ok = 1; - verify_error = X509_V_OK; - } else { - ok=0; - verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; - } + if((int)int_verify_depth >= depth) + int_verify_error = err; + else + int_verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; } switch (ctx->error) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: @@ -97,5 +94,10 @@ void cb_ssl_verify_set_output(FILE *fp) fp_cb_ssl_verify = fp; } +void cb_ssl_verify_set_depth(unsigned int verify_depth) +{ + int_verify_depth = verify_depth; +} + #endif /* !defined(NO_OPENSSL) */ |