components/openssl: add SSL and SSL context verify mode selection

2025-08-09 20:41:14 +00:00 · 2016-09-23 11:41:57 +08:00
parent f5d9bfc7ae
commit e475d0539e
9 changed files with 88 additions and 95 deletions
--- a/components/openssl/library/ssl_lib.c
+++ b/components/openssl/library/ssl_lib.c
@@ -284,6 +284,7 @@ SSL *SSL_new(SSL_CTX *ctx)

    ssl->cert = ctx->cert;
    ssl->client_CA = ctx->client_CA;
+    ssl->verify_mode = ctx->verify_mode;

    ret = SSL_METHOD_CALL(new, ssl);
    if (ret)
@@ -1726,21 +1727,6 @@ long SSL_set_timeout(SSL *ssl, long t)
    return t;
 }

-/*
- * SSL_set_verify - set the SSL verifying of the SSL context
- *
- * @param ctx             - SSL point
- * @param mode            - verifying mode
- * @param verify_callback - verifying callback function
- *
- * @return none
- */
-void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_CTX *))
-{
-    SSL_ASSERT(ssl);
-    SSL_ASSERT(verify_callback);
-}
-
 /*
 * SSL_get_verify_result - get the verifying result of the SSL certification
 *
@@ -1812,3 +1798,37 @@ void SSL_set_verify_depth(SSL *ssl, int depth)

    ssl->param.depth = depth;
 }
+
+/*
+ * SSL_CTX_set_verify - set the SSL context verifying of the SSL context
+ *
+ * @param ctx             - SSL context point
+ * @param mode            - verifying mode
+ * @param verify_callback - verifying callback function
+ *
+ * @return none
+ */
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *))
+{
+    SSL_ASSERT(ctx);
+
+    ctx->verify_mode = mode;
+    ctx->default_verify_callback = verify_callback;
+}
+
+/*
+ * SSL_set_verify - set the SSL verifying of the SSL context
+ *
+ * @param ctx             - SSL point
+ * @param mode            - verifying mode
+ * @param verify_callback - verifying callback function
+ *
+ * @return none
+ */
+void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_CTX *))
+{
+    SSL_ASSERT(ctx);
+
+    ssl->verify_mode = mode;
+    ssl->verify_callback = verify_callback;
+}