openssl wrapper: introduce X509_VERIFY_PARAM_set/clear_hostflags

This defines the OpenSSL X509_CHECK_FLAG_...s and the set/clear accessors. Since none of them are supported, the set / clear accessor currently always does nothing and returns error. This call is often part of the generic openssl user code to set up certificate verification. This patch allows it to compile for ESP32 and decide at runtime what to do about unsupported flags. Merges https://github.com/espressif/esp-idf/pull/980
2025-12-15 19:34:03 +00:00 · 2017-09-10 08:05:09 +08:00
parent effc6c6d0d
commit ae1f1e9b84
2 changed files with 54 additions and 0 deletions
--- a/components/openssl/library/ssl_x509.c
+++ b/components/openssl/library/ssl_x509.c
@@ -126,6 +126,28 @@ X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
    return &ssl->param;
 }

+/**
+ * @brief set X509 host verification flags
+ */
+
+int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                    unsigned long flags)
+{
+    /* flags not supported yet */
+    return 0;
+}
+
+/**
+ * @brief clear X509 host verification flags
+ */
+
+int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param,
+                      unsigned long flags)
+{
+    /* flags not supported yet */
+    return 0;
+}
+
 /**
 * @brief set SSL context client CA certification
 */