+static int verify_reject_callback(X509_STORE_CTX *ctx, void *arg) {
+ X509_STORE_CTX_set_error(ctx, X509_V_ERR_APPLICATION_VERIFICATION);
+ return 0;
+}
+
+static int verify_accept_callback(X509_STORE_CTX *ctx, void *arg) {
+ return 1;
+}
+
+/*
+ * Configure callbacks and other properties that can't be set directly
+ * in the server/client CONF.
+ */
+static void configure_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx,
+ const SSL_TEST_CTX *test_ctx)
+{
+ switch (test_ctx->client_verify_callback) {
+ case SSL_TEST_VERIFY_ACCEPT_ALL:
+ SSL_CTX_set_cert_verify_callback(client_ctx, &verify_accept_callback,
+ NULL);
+ break;
+ case SSL_TEST_VERIFY_REJECT_ALL:
+ SSL_CTX_set_cert_verify_callback(client_ctx, &verify_reject_callback,
+ NULL);
+ break;
+ default:
+ break;
+ }
+}
+
+