1*e71b7053SJung-uk Kim=pod 2*e71b7053SJung-uk Kim 3*e71b7053SJung-uk Kim=head1 NAME 4*e71b7053SJung-uk Kim 5*e71b7053SJung-uk KimSSL_get_ex_data_X509_STORE_CTX_idx, 6*e71b7053SJung-uk KimSSL_CTX_set_verify, SSL_set_verify, 7*e71b7053SJung-uk KimSSL_CTX_set_verify_depth, SSL_set_verify_depth, 8*e71b7053SJung-uk KimSSL_verify_cb, 9*e71b7053SJung-uk KimSSL_verify_client_post_handshake, 10*e71b7053SJung-uk KimSSL_set_post_handshake_auth, 11*e71b7053SJung-uk KimSSL_CTX_set_post_handshake_auth 12*e71b7053SJung-uk Kim- set peer certificate verification parameters 13*e71b7053SJung-uk Kim 14*e71b7053SJung-uk Kim=head1 SYNOPSIS 15*e71b7053SJung-uk Kim 16*e71b7053SJung-uk Kim #include <openssl/ssl.h> 17*e71b7053SJung-uk Kim 18*e71b7053SJung-uk Kim typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx); 19*e71b7053SJung-uk Kim 20*e71b7053SJung-uk Kim void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback); 21*e71b7053SJung-uk Kim void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback); 22*e71b7053SJung-uk Kim int SSL_get_ex_data_X509_STORE_CTX_idx(void); 23*e71b7053SJung-uk Kim 24*e71b7053SJung-uk Kim void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); 25*e71b7053SJung-uk Kim void SSL_set_verify_depth(SSL *ssl, int depth); 26*e71b7053SJung-uk Kim 27*e71b7053SJung-uk Kim int SSL_verify_client_post_handshake(SSL *ssl); 28*e71b7053SJung-uk Kim void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val); 29*e71b7053SJung-uk Kim void SSL_set_post_handshake_auth(SSL *ssl, int val); 30*e71b7053SJung-uk Kim 31*e71b7053SJung-uk Kim=head1 DESCRIPTION 32*e71b7053SJung-uk Kim 33*e71b7053SJung-uk KimSSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> and 34*e71b7053SJung-uk Kimspecifies the B<verify_callback> function to be used. If no callback function 35*e71b7053SJung-uk Kimis to be specified, the NULL pointer can be used for B<verify_callback>. 
36*e71b7053SJung-uk Kim 37*e71b7053SJung-uk KimSSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and 38*e71b7053SJung-uk Kimspecifies the B<verify_callback> function to be used. If no callback function 39*e71b7053SJung-uk Kimis to be specified, the NULL pointer can be used for B<verify_callback>. In 40*e71b7053SJung-uk Kimthis case the last B<verify_callback> set specifically for this B<ssl> remains. If 41*e71b7053SJung-uk Kimno special B<callback> was set before, the default callback for the underlying 42*e71b7053SJung-uk KimB<ctx> is used, that was valid at the time B<ssl> was created with 43*e71b7053SJung-uk KimL<SSL_new(3)>. Within the callback function, 44*e71b7053SJung-uk KimB<SSL_get_ex_data_X509_STORE_CTX_idx> can be called to get the data index 45*e71b7053SJung-uk Kimof the current SSL object that is doing the verification. 46*e71b7053SJung-uk Kim 47*e71b7053SJung-uk KimSSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain 48*e71b7053SJung-uk Kimverification that shall be allowed for B<ctx>. 49*e71b7053SJung-uk Kim 50*e71b7053SJung-uk KimSSL_set_verify_depth() sets the maximum B<depth> for the certificate chain 51*e71b7053SJung-uk Kimverification that shall be allowed for B<ssl>. 52*e71b7053SJung-uk Kim 53*e71b7053SJung-uk KimSSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the 54*e71b7053SJung-uk KimPost-Handshake Authentication extension to be added to the ClientHello such that 55*e71b7053SJung-uk Kimpost-handshake authentication can be requested by the server. If B<val> is 0 56*e71b7053SJung-uk Kimthen the extension is not sent, otherwise it is. By default the extension is not 57*e71b7053SJung-uk Kimsent. A certificate callback will need to be set via 58*e71b7053SJung-uk KimSSL_CTX_set_client_cert_cb() if no certificate is provided at initialization. 
59*e71b7053SJung-uk Kim 60*e71b7053SJung-uk KimSSL_verify_client_post_handshake() causes a CertificateRequest message to be 61*e71b7053SJung-uk Kimsent by a server on the given B<ssl> connection. The SSL_VERIFY_PEER flag must 62*e71b7053SJung-uk Kimbe set; the SSL_VERIFY_POST_HANDSHAKE flag is optional. 63*e71b7053SJung-uk Kim 64*e71b7053SJung-uk Kim=head1 NOTES 65*e71b7053SJung-uk Kim 66*e71b7053SJung-uk KimThe verification of certificates can be controlled by a set of logically 67*e71b7053SJung-uk Kimor'ed B<mode> flags: 68*e71b7053SJung-uk Kim 69*e71b7053SJung-uk Kim=over 4 70*e71b7053SJung-uk Kim 71*e71b7053SJung-uk Kim=item SSL_VERIFY_NONE 72*e71b7053SJung-uk Kim 73*e71b7053SJung-uk KimB<Server mode:> the server will not send a client certificate request to the 74*e71b7053SJung-uk Kimclient, so the client will not send a certificate. 75*e71b7053SJung-uk Kim 76*e71b7053SJung-uk KimB<Client mode:> if not using an anonymous cipher (by default disabled), the 77*e71b7053SJung-uk Kimserver will send a certificate which will be checked. The result of the 78*e71b7053SJung-uk Kimcertificate verification process can be checked after the TLS/SSL handshake 79*e71b7053SJung-uk Kimusing the L<SSL_get_verify_result(3)> function. 80*e71b7053SJung-uk KimThe handshake will be continued regardless of the verification result. 81*e71b7053SJung-uk Kim 82*e71b7053SJung-uk Kim=item SSL_VERIFY_PEER 83*e71b7053SJung-uk Kim 84*e71b7053SJung-uk KimB<Server mode:> the server sends a client certificate request to the client. 85*e71b7053SJung-uk KimThe certificate returned (if any) is checked. If the verification process 86*e71b7053SJung-uk Kimfails, the TLS/SSL handshake is 87*e71b7053SJung-uk Kimimmediately terminated with an alert message containing the reason for 88*e71b7053SJung-uk Kimthe verification failure. 
89*e71b7053SJung-uk KimThe behaviour can be controlled by the additional 90*e71b7053SJung-uk KimSSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and 91*e71b7053SJung-uk KimSSL_VERIFY_POST_HANDSHAKE flags. 92*e71b7053SJung-uk Kim 93*e71b7053SJung-uk KimB<Client mode:> the server certificate is verified. If the verification process 94*e71b7053SJung-uk Kimfails, the TLS/SSL handshake is 95*e71b7053SJung-uk Kimimmediately terminated with an alert message containing the reason for 96*e71b7053SJung-uk Kimthe verification failure. If no server certificate is sent, because an 97*e71b7053SJung-uk Kimanonymous cipher is used, SSL_VERIFY_PEER is ignored. 98*e71b7053SJung-uk Kim 99*e71b7053SJung-uk Kim=item SSL_VERIFY_FAIL_IF_NO_PEER_CERT 100*e71b7053SJung-uk Kim 101*e71b7053SJung-uk KimB<Server mode:> if the client did not return a certificate, the TLS/SSL 102*e71b7053SJung-uk Kimhandshake is immediately terminated with a "handshake failure" alert. 103*e71b7053SJung-uk KimThis flag must be used together with SSL_VERIFY_PEER. 104*e71b7053SJung-uk Kim 105*e71b7053SJung-uk KimB<Client mode:> ignored 106*e71b7053SJung-uk Kim 107*e71b7053SJung-uk Kim=item SSL_VERIFY_CLIENT_ONCE 108*e71b7053SJung-uk Kim 109*e71b7053SJung-uk KimB<Server mode:> only request a client certificate once during the 110*e71b7053SJung-uk Kimconnection. Do not ask for a client certificate again during 111*e71b7053SJung-uk Kimrenegotiation or post-authentication if a certificate was requested 112*e71b7053SJung-uk Kimduring the initial handshake. This flag must be used together with 113*e71b7053SJung-uk KimSSL_VERIFY_PEER. 
114*e71b7053SJung-uk Kim 115*e71b7053SJung-uk KimB<Client mode:> ignored 116*e71b7053SJung-uk Kim 117*e71b7053SJung-uk Kim=item SSL_VERIFY_POST_HANDSHAKE 118*e71b7053SJung-uk Kim 119*e71b7053SJung-uk KimB<Server mode:> the server will not send a client certificate request 120*e71b7053SJung-uk Kimduring the initial handshake, but will send the request via 121*e71b7053SJung-uk KimSSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL 122*e71b7053SJung-uk Kimto be configured for post-handshake peer verification before the 123*e71b7053SJung-uk Kimhandshake occurs. This flag must be used together with 124*e71b7053SJung-uk KimSSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections. 125*e71b7053SJung-uk Kim 126*e71b7053SJung-uk KimB<Client mode:> ignored 127*e71b7053SJung-uk Kim 128*e71b7053SJung-uk Kim=back 129*e71b7053SJung-uk Kim 130*e71b7053SJung-uk KimIf the B<mode> is SSL_VERIFY_NONE none of the other flags may be set. 131*e71b7053SJung-uk Kim 132*e71b7053SJung-uk KimThe actual verification procedure is performed either using the built-in 133*e71b7053SJung-uk Kimverification procedure or using another application provided verification 134*e71b7053SJung-uk Kimfunction set with 135*e71b7053SJung-uk KimL<SSL_CTX_set_cert_verify_callback(3)>. 136*e71b7053SJung-uk KimThe following descriptions apply in the case of the built-in procedure. An 137*e71b7053SJung-uk Kimapplication provided procedure also has access to the verify depth information 138*e71b7053SJung-uk Kimand the verify_callback() function, but the way this information is used 139*e71b7053SJung-uk Kimmay be different. 140*e71b7053SJung-uk Kim 141*e71b7053SJung-uk KimSSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the 142*e71b7053SJung-uk Kimnumber of certificates between the end-entity and trust-anchor certificates. 143*e71b7053SJung-uk KimNeither the 144*e71b7053SJung-uk Kimend-entity nor the trust-anchor certificates count against B<depth>. 
If the 145*e71b7053SJung-uk Kimcertificate chain needed to reach a trusted issuer is longer than B<depth+2>, 146*e71b7053SJung-uk KimX509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. 147*e71b7053SJung-uk KimThe depth count is "level 0: peer certificate", "level 1: CA certificate", 148*e71b7053SJung-uk Kim"level 2: higher level CA certificate", and so on. Setting the maximum 149*e71b7053SJung-uk Kimdepth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the 150*e71b7053SJung-uk Kimtrust-anchor). 151*e71b7053SJung-uk KimThe default depth limit is 100, 152*e71b7053SJung-uk Kimallowing for the peer certificate, at most 100 intermediate CA certificates and 153*e71b7053SJung-uk Kima final trust anchor certificate. 154*e71b7053SJung-uk Kim 155*e71b7053SJung-uk KimThe B<verify_callback> function is used to control the behaviour when the 156*e71b7053SJung-uk KimSSL_VERIFY_PEER flag is set. It must be supplied by the application and 157*e71b7053SJung-uk Kimreceives two arguments: B<preverify_ok> indicates whether the verification of 158*e71b7053SJung-uk Kimthe certificate in question was passed (preverify_ok=1) or not 159*e71b7053SJung-uk Kim(preverify_ok=0). B<x509_ctx> is a pointer to the complete context used 160*e71b7053SJung-uk Kimfor the certificate chain verification. 161*e71b7053SJung-uk Kim 162*e71b7053SJung-uk KimThe certificate chain is checked starting with the deepest nesting level 163*e71b7053SJung-uk Kim(the root CA certificate) and worked upward to the peer's certificate. 164*e71b7053SJung-uk KimAt each level signatures and issuer attributes are checked. Whenever 165*e71b7053SJung-uk Kima verification error is found, the error number is stored in B<x509_ctx> 166*e71b7053SJung-uk Kimand B<verify_callback> is called with B<preverify_ok>=0. By applying 167*e71b7053SJung-uk KimX509_STORE_CTX_* functions B<verify_callback> can locate the certificate 168*e71b7053SJung-uk Kimin question and perform additional steps (see EXAMPLES). 
If no error is 169*e71b7053SJung-uk Kimfound for a certificate, B<verify_callback> is called with B<preverify_ok>=1 170*e71b7053SJung-uk Kimbefore advancing to the next level. 171*e71b7053SJung-uk Kim 172*e71b7053SJung-uk KimThe return value of B<verify_callback> controls the strategy of the further 173*e71b7053SJung-uk Kimverification process. If B<verify_callback> returns 0, the verification 174*e71b7053SJung-uk Kimprocess is immediately stopped with "verification failed" state. If 175*e71b7053SJung-uk KimSSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and 176*e71b7053SJung-uk Kimthe TLS/SSL handshake is terminated. If B<verify_callback> returns 1, 177*e71b7053SJung-uk Kimthe verification process is continued. If B<verify_callback> always returns 178*e71b7053SJung-uk Kim1, the TLS/SSL handshake will not be terminated with respect to verification 179*e71b7053SJung-uk Kimfailures and the connection will be established. The calling process can 180*e71b7053SJung-uk Kimhowever retrieve the error code of the last verification error using 181*e71b7053SJung-uk KimL<SSL_get_verify_result(3)> or by maintaining its 182*e71b7053SJung-uk Kimown error storage managed by B<verify_callback>. 183*e71b7053SJung-uk Kim 184*e71b7053SJung-uk KimIf no B<verify_callback> is specified, the default callback will be used. 185*e71b7053SJung-uk KimIts return value is identical to B<preverify_ok>, so that any verification 186*e71b7053SJung-uk Kimfailure will lead to a termination of the TLS/SSL handshake with an 187*e71b7053SJung-uk Kimalert message, if SSL_VERIFY_PEER is set. 188*e71b7053SJung-uk Kim 189*e71b7053SJung-uk KimAfter calling SSL_set_post_handshake_auth(), the client will need to add a 190*e71b7053SJung-uk Kimcertificate or certificate callback to its configuration before it can 191*e71b7053SJung-uk Kimsuccessfully authenticate. This must be called before SSL_connect(). 
192*e71b7053SJung-uk Kim 193*e71b7053SJung-uk KimSSL_verify_client_post_handshake() requires that verify flags have been 194*e71b7053SJung-uk Kimpreviously set, and that a client sent the post-handshake authentication 195*e71b7053SJung-uk Kimextension. When the client returns a certificate the verify callback will be 196*e71b7053SJung-uk Kiminvoked. A write operation must take place for the Certificate Request to be 197*e71b7053SJung-uk Kimsent to the client; this can be done with SSL_do_handshake() or SSL_write_ex(). 198*e71b7053SJung-uk KimOnly one certificate request may be outstanding at any time. 199*e71b7053SJung-uk Kim 200*e71b7053SJung-uk KimWhen post-handshake authentication occurs, a refreshed NewSessionTicket 201*e71b7053SJung-uk Kimmessage is sent to the client. 202*e71b7053SJung-uk Kim 203*e71b7053SJung-uk Kim=head1 BUGS 204*e71b7053SJung-uk Kim 205*e71b7053SJung-uk KimIn client mode, it is not checked whether the SSL_VERIFY_PEER flag 206*e71b7053SJung-uk Kimis set, but whether any flags are set. This can lead to 207*e71b7053SJung-uk Kimunexpected behaviour if SSL_VERIFY_PEER and other flags are not used as 208*e71b7053SJung-uk Kimrequired. 209*e71b7053SJung-uk Kim 210*e71b7053SJung-uk Kim=head1 RETURN VALUES 211*e71b7053SJung-uk Kim 212*e71b7053SJung-uk KimThe SSL*_set_verify*() functions do not provide diagnostic information. 213*e71b7053SJung-uk Kim 214*e71b7053SJung-uk KimThe SSL_verify_client_post_handshake() function returns 1 if the request 215*e71b7053SJung-uk Kimsucceeded, and 0 if the request failed. The error stack can be examined 216*e71b7053SJung-uk Kimto determine the failure reason. 217*e71b7053SJung-uk Kim 218*e71b7053SJung-uk Kim=head1 EXAMPLES 219*e71b7053SJung-uk Kim 220*e71b7053SJung-uk KimThe following code sequence realizes an example B<verify_callback> function 221*e71b7053SJung-uk Kimthat will always continue the TLS/SSL handshake regardless of verification 222*e71b7053SJung-uk Kimfailure, if wished. 
The callback realizes a verification depth limit with 223*e71b7053SJung-uk Kimmore informational output. 224*e71b7053SJung-uk Kim 225*e71b7053SJung-uk KimAll verification errors are printed; information about the certificate chain 226*e71b7053SJung-uk Kimis printed on request. 227*e71b7053SJung-uk KimThe example is realized for a server that does allow but not require client 228*e71b7053SJung-uk Kimcertificates. 229*e71b7053SJung-uk Kim 230*e71b7053SJung-uk KimThe example makes use of the ex_data technique to store application data 231*e71b7053SJung-uk Kiminto/retrieve application data from the SSL structure 232*e71b7053SJung-uk Kim(see L<CRYPTO_get_ex_new_index(3)>, 233*e71b7053SJung-uk KimL<SSL_get_ex_data_X509_STORE_CTX_idx(3)>). 234*e71b7053SJung-uk Kim 235*e71b7053SJung-uk Kim ... 236*e71b7053SJung-uk Kim typedef struct { 237*e71b7053SJung-uk Kim int verbose_mode; 238*e71b7053SJung-uk Kim int verify_depth; 239*e71b7053SJung-uk Kim int always_continue; 240*e71b7053SJung-uk Kim } mydata_t; 241*e71b7053SJung-uk Kim int mydata_index; 242*e71b7053SJung-uk Kim 243*e71b7053SJung-uk Kim ... 244*e71b7053SJung-uk Kim static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) 245*e71b7053SJung-uk Kim { 246*e71b7053SJung-uk Kim char buf[256]; 247*e71b7053SJung-uk Kim X509 *err_cert; 248*e71b7053SJung-uk Kim int err, depth; 249*e71b7053SJung-uk Kim SSL *ssl; 250*e71b7053SJung-uk Kim mydata_t *mydata; 251*e71b7053SJung-uk Kim 252*e71b7053SJung-uk Kim err_cert = X509_STORE_CTX_get_current_cert(ctx); 253*e71b7053SJung-uk Kim err = X509_STORE_CTX_get_error(ctx); 254*e71b7053SJung-uk Kim depth = X509_STORE_CTX_get_error_depth(ctx); 255*e71b7053SJung-uk Kim 256*e71b7053SJung-uk Kim /* 257*e71b7053SJung-uk Kim * Retrieve the pointer to the SSL of the connection currently treated 258*e71b7053SJung-uk Kim * and the application specific data stored into the SSL object. 
259*e71b7053SJung-uk Kim */ 260*e71b7053SJung-uk Kim ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); 261*e71b7053SJung-uk Kim mydata = SSL_get_ex_data(ssl, mydata_index); 262*e71b7053SJung-uk Kim 263*e71b7053SJung-uk Kim X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256); 264*e71b7053SJung-uk Kim 265*e71b7053SJung-uk Kim /* 266*e71b7053SJung-uk Kim * Catch a too long certificate chain. The depth limit set using 267*e71b7053SJung-uk Kim * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so 268*e71b7053SJung-uk Kim * that whenever the "depth>verify_depth" condition is met, we 269*e71b7053SJung-uk Kim * have violated the limit and want to log this error condition. 270*e71b7053SJung-uk Kim * We must do it here, because the CHAIN_TOO_LONG error would not 271*e71b7053SJung-uk Kim * be found explicitly; only errors introduced by cutting off the 272*e71b7053SJung-uk Kim * additional certificates would be logged. 273*e71b7053SJung-uk Kim */ 274*e71b7053SJung-uk Kim if (depth > mydata->verify_depth) { 275*e71b7053SJung-uk Kim preverify_ok = 0; 276*e71b7053SJung-uk Kim err = X509_V_ERR_CERT_CHAIN_TOO_LONG; 277*e71b7053SJung-uk Kim X509_STORE_CTX_set_error(ctx, err); 278*e71b7053SJung-uk Kim } 279*e71b7053SJung-uk Kim if (!preverify_ok) { 280*e71b7053SJung-uk Kim printf("verify error:num=%d:%s:depth=%d:%s\n", err, 281*e71b7053SJung-uk Kim X509_verify_cert_error_string(err), depth, buf); 282*e71b7053SJung-uk Kim } else if (mydata->verbose_mode) { 283*e71b7053SJung-uk Kim printf("depth=%d:%s\n", depth, buf); 284*e71b7053SJung-uk Kim } 285*e71b7053SJung-uk Kim 286*e71b7053SJung-uk Kim /* 287*e71b7053SJung-uk Kim * At this point, err contains the last verification error. 
We can use 288*e71b7053SJung-uk Kim * it for something special 289*e71b7053SJung-uk Kim */ 290*e71b7053SJung-uk Kim if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) { 291*e71b7053SJung-uk Kim X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256); 292*e71b7053SJung-uk Kim printf("issuer= %s\n", buf); 293*e71b7053SJung-uk Kim } 294*e71b7053SJung-uk Kim 295*e71b7053SJung-uk Kim if (mydata->always_continue) 296*e71b7053SJung-uk Kim return 1; 297*e71b7053SJung-uk Kim else 298*e71b7053SJung-uk Kim return preverify_ok; 299*e71b7053SJung-uk Kim } 300*e71b7053SJung-uk Kim ... 301*e71b7053SJung-uk Kim 302*e71b7053SJung-uk Kim mydata_t mydata; 303*e71b7053SJung-uk Kim 304*e71b7053SJung-uk Kim ... 305*e71b7053SJung-uk Kim mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL); 306*e71b7053SJung-uk Kim 307*e71b7053SJung-uk Kim ... 308*e71b7053SJung-uk Kim SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, 309*e71b7053SJung-uk Kim verify_callback); 310*e71b7053SJung-uk Kim 311*e71b7053SJung-uk Kim /* 312*e71b7053SJung-uk Kim * Let the verify_callback catch the verify_depth error so that we get 313*e71b7053SJung-uk Kim * an appropriate error in the logfile. 314*e71b7053SJung-uk Kim */ 315*e71b7053SJung-uk Kim SSL_CTX_set_verify_depth(verify_depth + 1); 316*e71b7053SJung-uk Kim 317*e71b7053SJung-uk Kim /* 318*e71b7053SJung-uk Kim * Set up the SSL specific data into "mydata" and store it into the SSL 319*e71b7053SJung-uk Kim * structure. 320*e71b7053SJung-uk Kim */ 321*e71b7053SJung-uk Kim mydata.verify_depth = verify_depth; ... 322*e71b7053SJung-uk Kim SSL_set_ex_data(ssl, mydata_index, &mydata); 323*e71b7053SJung-uk Kim 324*e71b7053SJung-uk Kim ... 
325*e71b7053SJung-uk Kim SSL_accept(ssl); /* check of success left out for clarity */ 326*e71b7053SJung-uk Kim if (peer = SSL_get_peer_certificate(ssl)) { 327*e71b7053SJung-uk Kim if (SSL_get_verify_result(ssl) == X509_V_OK) { 328*e71b7053SJung-uk Kim /* The client sent a certificate which verified OK */ 329*e71b7053SJung-uk Kim } 330*e71b7053SJung-uk Kim } 331*e71b7053SJung-uk Kim 332*e71b7053SJung-uk Kim=head1 SEE ALSO 333*e71b7053SJung-uk Kim 334*e71b7053SJung-uk KimL<ssl(7)>, L<SSL_new(3)>, 335*e71b7053SJung-uk KimL<SSL_CTX_get_verify_mode(3)>, 336*e71b7053SJung-uk KimL<SSL_get_verify_result(3)>, 337*e71b7053SJung-uk KimL<SSL_CTX_load_verify_locations(3)>, 338*e71b7053SJung-uk KimL<SSL_get_peer_certificate(3)>, 339*e71b7053SJung-uk KimL<SSL_CTX_set_cert_verify_callback(3)>, 340*e71b7053SJung-uk KimL<SSL_get_ex_data_X509_STORE_CTX_idx(3)>, 341*e71b7053SJung-uk KimL<SSL_CTX_set_client_cert_cb(3)>, 342*e71b7053SJung-uk KimL<CRYPTO_get_ex_new_index(3)> 343*e71b7053SJung-uk Kim 344*e71b7053SJung-uk Kim=head1 HISTORY 345*e71b7053SJung-uk Kim 346*e71b7053SJung-uk KimThe SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() 347*e71b7053SJung-uk Kimand SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1. 348*e71b7053SJung-uk Kim 349*e71b7053SJung-uk Kim=head1 COPYRIGHT 350*e71b7053SJung-uk Kim 351*e71b7053SJung-uk KimCopyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. 352*e71b7053SJung-uk Kim 353*e71b7053SJung-uk KimLicensed under the OpenSSL license (the "License"). You may not use 354*e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 355*e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 356*e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 357*e71b7053SJung-uk Kim 358*e71b7053SJung-uk Kim=cut 359