=pod

=head1 NAME

SSL_get_ex_data_X509_STORE_CTX_idx,
SSL_CTX_set_verify, SSL_set_verify,
SSL_CTX_set_verify_depth, SSL_set_verify_depth,
SSL_verify_cb,
SSL_verify_client_post_handshake,
SSL_set_post_handshake_auth,
SSL_CTX_set_post_handshake_auth
- set various SSL/TLS parameters for peer certificate verification

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);

 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
 void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
 int SSL_get_ex_data_X509_STORE_CTX_idx(void);

 void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
 void SSL_set_verify_depth(SSL *ssl, int depth);

 int SSL_verify_client_post_handshake(SSL *ssl);
 void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
 void SSL_set_post_handshake_auth(SSL *ssl, int val);

=head1 DESCRIPTION

SSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> and
specifies the B<verify_callback> function to be used. If no callback function
shall be specified, the NULL pointer can be used for B<verify_callback>.

SSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and
specifies the B<verify_callback> function to be used. If no callback function
shall be specified, the NULL pointer can be used for B<verify_callback>. In
this case the last B<verify_callback> set specifically for this B<ssl> remains.
If no special B<callback> was set before, the default callback for the
underlying B<ctx> is used, that was valid at the time B<ssl> was created with
L<SSL_new(3)>. Within the callback function,
B<SSL_get_ex_data_X509_STORE_CTX_idx> can be called to get the data index
of the current SSL object that is doing the verification.

In client mode B<verify_callback> may also call the L<SSL_set_retry_verify(3)>
function on the B<SSL> object set in the I<x509_store_ctx> ex data (see
L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>) and return 1.
This would typically be done in case the certificate verification was not yet
able to succeed.
This makes the handshake suspend and return control to the calling application
with B<SSL_ERROR_WANT_RETRY_VERIFY>.
The application can for instance fetch further certificates or cert status
information needed for the verification.
Calling L<SSL_connect(3)> again resumes the connection attempt by retrying the
server certificate verification step.
This process may even be repeated if need be.
Note that the handshake may still be aborted if a subsequent invocation of the
callback (e.g., at a lower depth, or for a separate error condition) returns 0.

SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
verification that shall be allowed for B<ctx>.

SSL_set_verify_depth() sets the maximum B<depth> for the certificate chain
verification that shall be allowed for B<ssl>.

SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the
Post-Handshake Authentication extension to be added to the ClientHello such that
post-handshake authentication can be requested by the server. If B<val> is 0
then the extension is not sent, otherwise it is. By default the extension is not
sent. A certificate callback will need to be set via
SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.

SSL_verify_client_post_handshake() causes a CertificateRequest message to be
sent by a server on the given B<ssl> connection. The SSL_VERIFY_PEER flag must
be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.

=head1 NOTES

The verification of certificates can be controlled by a set of logically
or'ed B<mode> flags:

=over 4

=item SSL_VERIFY_NONE

B<Server mode:> the server will not send a client certificate request to the
client, so the client will not send a certificate.

B<Client mode:> if not using an anonymous cipher (by default disabled), the
server will send a certificate which will be checked. The result of the
certificate verification process can be checked after the TLS/SSL handshake
using the L<SSL_get_verify_result(3)> function.
The handshake will be continued regardless of the verification result.
A client using this mode must therefore check the result itself before
sending anything sensitive; until it does, the server is unauthenticated.

=item SSL_VERIFY_PEER

B<Server mode:> the server sends a client certificate request to the client.
The certificate returned (if any) is checked. If the verification process
fails, the TLS/SSL handshake is
immediately terminated with an alert message containing the reason for
the verification failure.
The behaviour can be controlled by the additional
SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and
SSL_VERIFY_POST_HANDSHAKE flags.

B<Client mode:> the server certificate is verified.
If the verification process fails, the TLS/SSL handshake is
immediately terminated with an alert message containing the reason for
the verification failure. If no server certificate is sent, because an
anonymous cipher is used, SSL_VERIFY_PEER is ignored.

=item SSL_VERIFY_FAIL_IF_NO_PEER_CERT

B<Server mode:> if the client did not return a certificate, the TLS/SSL
handshake is immediately terminated with a "handshake failure" alert.
This flag must be used together with SSL_VERIFY_PEER.

B<Client mode:> ignored (see BUGS)

=item SSL_VERIFY_CLIENT_ONCE

B<Server mode:> only request a client certificate once during the
connection. Do not ask for a client certificate again during
renegotiation or post-authentication if a certificate was requested
during the initial handshake. This flag must be used together with
SSL_VERIFY_PEER.

B<Client mode:> ignored (see BUGS)

=item SSL_VERIFY_POST_HANDSHAKE

B<Server mode:> the server will not send a client certificate request
during the initial handshake, but will send the request via
SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL
to be configured for post-handshake peer verification before the
handshake occurs. This flag must be used together with
SSL_VERIFY_PEER.
TLSv1.3 only; no effect on pre-TLSv1.3 connections.

B<Client mode:> ignored (see BUGS)

=back

If the B<mode> is SSL_VERIFY_NONE none of the other flags may be set.

The actual verification procedure is performed either using the built-in
verification procedure or using another application provided verification
function set with
L<SSL_CTX_set_cert_verify_callback(3)>.
The following descriptions apply in the case of the built-in procedure. An
application provided procedure also has access to the verify depth information
and the verify_callback() function, but the way this information is used
may be different.

SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the
number of certificates between the end-entity and trust-anchor certificates.
Neither the
end-entity nor the trust-anchor certificates count against B<depth>. If the
certificate chain needed to reach a trusted issuer is longer than B<depth+2>,
X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued.
The depth count is "level 0: peer certificate", "level 1: CA certificate",
"level 2: higher level CA certificate", and so on. Setting the maximum
depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the
trust-anchor).
The default depth limit is 100,
allowing for the peer certificate, at most 100 intermediate CA certificates and
a final trust anchor certificate.

The B<verify_callback> function is used to control the behaviour when the
SSL_VERIFY_PEER flag is set. It must be supplied by the application and
receives two arguments: B<preverify_ok> indicates whether the verification of
the certificate in question was passed (preverify_ok=1) or not
(preverify_ok=0). B<x509_ctx> is a pointer to the complete context used
for the certificate chain verification.

The certificate chain is checked starting with the deepest nesting level
(the root CA certificate) and worked upward to the peer's certificate.
At each level signatures and issuer attributes are checked. Whenever
a verification error is found, the error number is stored in B<x509_ctx>
and B<verify_callback> is called with B<preverify_ok>=0. By applying
X509_STORE_CTX_* functions B<verify_callback> can locate the certificate
in question and perform additional steps (see EXAMPLES). If no error is
found for a certificate, B<verify_callback> is called with B<preverify_ok>=1
before advancing to the next level.

The return value of B<verify_callback> controls the strategy of the further
verification process. If B<verify_callback> returns 0, the verification
process is immediately stopped with "verification failed" state.
If
SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and
the TLS/SSL handshake is terminated. If B<verify_callback> returns 1,
the verification process is continued. If B<verify_callback> always returns
1, the TLS/SSL handshake will not be terminated with respect to verification
failures and the connection will be established. The calling process can
however retrieve the error code of the last verification error using
L<SSL_get_verify_result(3)> or by maintaining its
own error storage managed by B<verify_callback>.
A callback that always returns 1 therefore leaves the peer unauthenticated
unless the application inspects that stored error before using the connection.

If no B<verify_callback> is specified, the default callback will be used.
Its return value is identical to B<preverify_ok>, so that any verification
failure will lead to a termination of the TLS/SSL handshake with an
alert message, if SSL_VERIFY_PEER is set.

After calling SSL_set_post_handshake_auth(), the client will need to add a
certificate or certificate callback to its configuration before it can
successfully authenticate. This must be called before SSL_connect().

SSL_verify_client_post_handshake() requires that verify flags have been
previously set, and that a client sent the post-handshake authentication
extension. When the client returns a certificate the verify callback will be
invoked. A write operation must take place for the Certificate Request to be
sent to the client; this can be done with SSL_do_handshake() or SSL_write_ex().
Only one certificate request may be outstanding at any time.

When post-handshake authentication occurs, a refreshed NewSessionTicket
message is sent to the client.

=head1 BUGS

In client mode, it is not checked whether the SSL_VERIFY_PEER flag
is set, but whether any flags other than SSL_VERIFY_NONE are set. This can
lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as
required.

=head1 RETURN VALUES

The SSL*_set_verify*() functions do not provide diagnostic information.

The SSL_verify_client_post_handshake() function returns 1 if the request
succeeded, and 0 if the request failed. The error stack can be examined
to determine the failure reason.

=head1 EXAMPLES

The following code sequence realizes an example B<verify_callback> function
that will always continue the TLS/SSL handshake regardless of verification
failure, if wished. The callback realizes a verification depth limit with
more informational output.

All verification errors are printed; information about the certificate chain
is printed on request.
The example is realized for a server that does allow but not require client
certificates.

The example makes use of the ex_data technique to store application data
into/retrieve application data from the SSL structure
(see L<CRYPTO_get_ex_new_index(3)>,
L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>).

 ...
 typedef struct {
   int verbose_mode;
   int verify_depth;
   int always_continue;
 } mydata_t;
 int mydata_index;

 ...
 static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 {
     char buf[256];
     X509 *err_cert;
     int err, depth;
     SSL *ssl;
     mydata_t *mydata;

     err_cert = X509_STORE_CTX_get_current_cert(ctx);
     err = X509_STORE_CTX_get_error(ctx);
     depth = X509_STORE_CTX_get_error_depth(ctx);

     /*
      * Retrieve the pointer to the SSL of the connection currently treated
      * and the application specific data stored into the SSL object.
      */
     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
     mydata = SSL_get_ex_data(ssl, mydata_index);

     /* The current certificate may be absent for some error conditions. */
     if (err_cert != NULL)
         X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
     else
         snprintf(buf, sizeof(buf), "<no certificate>");

     /*
      * Catch a too long certificate chain.
      * The depth limit set using
      * SSL_CTX_set_verify_depth() is on purpose set to "limit+1" so
      * that whenever the "depth>verify_depth" condition is met, we
      * have violated the limit and want to log this error condition.
      * We must do it here, because the CHAIN_TOO_LONG error would not
      * be found explicitly; only errors introduced by cutting off the
      * additional certificates would be logged.
      */
     if (depth > mydata->verify_depth) {
         preverify_ok = 0;
         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
         X509_STORE_CTX_set_error(ctx, err);
     }
     if (!preverify_ok) {
         printf("verify error:num=%d:%s:depth=%d:%s\n", err,
                X509_verify_cert_error_string(err), depth, buf);
     } else if (mydata->verbose_mode) {
         printf("depth=%d:%s\n", depth, buf);
     }

     /*
      * At this point, err contains the last verification error. We can use
      * it for something special
      */
     if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
         printf("issuer= %s\n", buf);
     }

     if (mydata->always_continue)
         return 1;
     else
         return preverify_ok;
 }
 ...

 mydata_t mydata;
 X509 *peer;

 ...
 mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL);

 ...
 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
                    verify_callback);

 /*
  * Let the verify_callback catch the verify_depth error so that we get
  * an appropriate error in the logfile.
  */
 SSL_CTX_set_verify_depth(ctx, verify_depth + 1);

 /*
  * Set up the SSL specific data into "mydata" and store it into the SSL
  * structure.
  */
 mydata.verify_depth = verify_depth; ...
 SSL_set_ex_data(ssl, mydata_index, &mydata);

 ...
 SSL_accept(ssl); /* check of success left out for clarity */
 if ((peer = SSL_get_peer_certificate(ssl)) != NULL) {
     if (SSL_get_verify_result(ssl) == X509_V_OK) {
         /* The client sent a certificate which verified OK */
     }
     X509_free(peer); /* SSL_get_peer_certificate() returns a new reference */
 }

=head1 SEE ALSO

L<ssl(7)>, L<SSL_new(3)>,
L<SSL_CTX_get_verify_mode(3)>,
L<SSL_get_verify_result(3)>,
L<SSL_CTX_load_verify_locations(3)>,
L<SSL_get_peer_certificate(3)>,
L<SSL_CTX_set_cert_verify_callback(3)>,
L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
L<SSL_CTX_set_client_cert_cb(3)>,
L<CRYPTO_get_ex_new_index(3)>

=head1 HISTORY

The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake()
and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.

=head1 COPYRIGHT

Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut