*
*/
+#define _XOPEN_SOURCE 600 /* Or gethostname won't be declared properly
+ on Linux and GNU platforms. */
+#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
+ on Compaq platforms (at least with DEC C).
+ */
+
#include <assert.h>
#include <errno.h>
#include <limits.h>
#include <string.h>
#include <time.h>
-#include "openssl/e_os.h"
+#include "e_os.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/ssl.h>
+#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#ifdef OPENSSL_SYS_WINDOWS
#include <winsock.h>
#include "../crypto/bio/bss_file.c"
+#else
+#include OPENSSL_UNISTD
#endif
#ifdef OPENSSL_SYS_VMS
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
static void free_tmp_rsa(void);
#endif
+static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
+#define APP_CALLBACK "Test Callback Argument"
+static char *app_verify_arg = APP_CALLBACK;
+
#ifndef OPENSSL_NO_DH
static DH *get_dh512(void);
static DH *get_dh1024(void);
int tls1=0,ssl2=0,ssl3=0,ret=1;
int client_auth=0;
int server_auth=0,i;
+ int app_verify=0;
char *server_cert=TEST_SERVER_CERT;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
CRYPTO_set_locking_callback(lock_dbg_cb);
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+ {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ }
+ else
+ {
+ /* OPENSSL_DEBUG_MEMORY=off */
+ CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+ }
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
{
comp = COMP_RLE;
}
+ else if (strcmp(*argv,"-app_verify") == 0)
+ {
+ app_verify = 1;
+ }
else
{
fprintf(stderr,"unknown option %s\n",*argv);
SSL_CTX_set_verify(s_ctx,
SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
+ if (app_verify)
+ {
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
+ }
}
if (server_auth)
{
BIO_printf(bio_err,"server authentication\n");
SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
verify_callback);
+ if (app_verify)
+ {
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
+ }
}
{
#ifndef OPENSSL_NO_RSA
free_tmp_rsa();
#endif
+ ENGINE_cleanup();
+ CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);
EVP_cleanup();
return(ok);
}
+static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
+ {
+ char *s = NULL,buf[256];
+ int ok=1;
+
+ fprintf(stderr, "In app_verify_callback, allowing cert. ");
+ fprintf(stderr, "Arg is: %s\n", (char *)arg);
+ fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
+ (unsigned int)ctx, (unsigned int)ctx->cert);
+ if (ctx->cert)
+ s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
+ if (s != NULL)
+ {
+ fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
+ }
+
+ return(ok);
+ }
+
#ifndef OPENSSL_NO_RSA
static RSA *rsa_tmp=NULL;