Scroll to navigation

Callback Functions(3) globus_gsi_callback Callback Functions(3)

NAME

Callback Functions -

Functions


globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int *index)
 
Get callback data index from X509_STORE. globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int *index)
 
Get callback data index from SSL structure. int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX *context, void *arg)
 
Certificate verify wrapper. int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX *x509_context)
 
Independent path validation callback. int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX *x509_context)
 
SSL path validation callback. int globus_gsi_callback_check_issued (X509_STORE_CTX *context, X509 *cert, X509 *issuer)
 
OpenSSL X509_check_issued() wrapper.

Detailed Description

Functions that plug into various plug points in the OpenSSL path validation mechanism. These functions add CRL checking, X509 Extension handling and proxy validation.

Function Documentation

int globus_gsi_callback_check_issued (X509_STORE_CTX *context, X509 *cert, X509 *issuer)

OpenSSL X509_check_issued() wrapper. This function wraps the OpenSSL X509_check_issued() call and catches the error caused by the fact that a proxy certificate issuer may not have to have the correct KeyUsage fields set.
Parameters:
context The validation state object.
 
cert The certificate to check
 
issuer The issuer certificate to check
Returns:
1 on success 0 on failure

int globus_gsi_callback_create_proxy_callback (intpreverify_ok, X509_STORE_CTX *x509_context)

Independent path validation callback. This function provides a path validation callback for validation outside of a SSL session. It should be used in X509_STORE_set_verify_cb_func().
Parameters:
preverify_ok Communicates the result of default validation steps performed by OpenSSL
 
x509_context The validation state object
Returns:
1 on success 0 on failure

globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int *index)

Get callback data index from SSL structure. Retrieve or create the index for our callback data structure in the SSL structure.
Parameters:
index Will contain the index upon return
Returns:
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int *index)

Get callback data index from X509_STORE. Retrieve or create the index for our callback data structure in the X509_STORE.
Parameters:
index Will contain the index upon return
Returns:
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

int globus_gsi_callback_handshake_callback (intpreverify_ok, X509_STORE_CTX *x509_context)

SSL path validation callback. This function provides a path validation callback for the validation part of establishing a SSL session. It handles proxy certificates, X509 Extensions and CRL checking. It should be used in SSL_CTX_set_verify().
Parameters:
preverify_ok Communicates the result of default validation steps performed by OpenSSL
 
x509_context The validation state object.
Returns:
1 on success 0 on failure

int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX *context, void *arg)

Certificate verify wrapper. This function wraps the OpenSSL certificate verification callback for the purpose of a replacing the standard issuer check with one that deals with proxy certificates. Should be used with SSL_CTX_set_cert_verify_callback()
Parameters:
context The X509_STORE_CTX for which to register the callback.
 
arg Arguments to the callback. Currently ignored.
Returns:
1 on success 0 on failure

Author

Generated automatically by Doxygen for globus_gsi_callback from the source code.
Sun Nov 9 2014 Version 5.6