projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
More little changes to the tunala demo;
[openssl.git] / demos / tunala / cb.c
diff --git a/demos/tunala/cb.c b/demos/tunala/cb.c
index 37a474e37edad69f187212e28d3cd6ebf63e8853..4633c0993e7e5e48c53287e41286fffbae433038 100644 (file)
--- a/demos/tunala/cb.c
+++ b/demos/tunala/cb.c
@@ -7,8 +7,8 @@ static FILE *fp_cb_ssl_info = NULL;
 static FILE *fp_cb_ssl_verify = NULL;
 
 /* Other static rubbish (to mirror s_cb.c where required) */
 static FILE *fp_cb_ssl_verify = NULL;
 
 /* Other static rubbish (to mirror s_cb.c where required) */
-static int verify_depth = 10;
-static int verify_error = X509_V_OK;
+static int int_verify_depth = 10;
+static int int_verify_error = X509_V_OK;
 
 /* This function is largely borrowed from the one used in OpenSSL's "s_client"
  * and "s_server" utilities. */
 
 /* This function is largely borrowed from the one used in OpenSSL's "s_client"
  * and "s_server" utilities. */
@@ -61,13 +61,10 @@ int cb_ssl_verify(int ok, X509_STORE_CTX *ctx)
        if(!ok) {
                fprintf(fp_cb_ssl_verify,"verify error:num=%d:%s\n",err,
                        X509_verify_cert_error_string(err));
        if(!ok) {
                fprintf(fp_cb_ssl_verify,"verify error:num=%d:%s\n",err,
                        X509_verify_cert_error_string(err));
-               if(verify_depth >= depth) {
-                       ok = 1;
-                       verify_error = X509_V_OK;
-               } else {
-                       ok=0;
-                       verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
-               }
+               if((int)int_verify_depth >= depth)
+                       int_verify_error = err;
+               else
+                       int_verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
        }
        switch (ctx->error) {
        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
        }
        switch (ctx->error) {
        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
@@ -97,5 +94,10 @@ void cb_ssl_verify_set_output(FILE *fp)
        fp_cb_ssl_verify = fp;
 }
 
        fp_cb_ssl_verify = fp;
 }
 
+void cb_ssl_verify_set_depth(unsigned int verify_depth)
+{
+       int_verify_depth = verify_depth;
+}
+
 #endif /* !defined(NO_OPENSSL) */
 
 #endif /* !defined(NO_OPENSSL) */
 
Unnamed repository; edit this file 'description' to name the repository.