source-git / openssl

Clone
Source Code
GIT

Blame doc/man3/X509_STORE_set_verify_cb_func.pod

c8 c8s master
  1.   3c126e197bf64be56e1432546d39885b80b61a84
  2.   doc
  3.   man3
  4.   X509_STORE_set_verify_cb_func.pod
Blob History Raw
Packit Service 084de1 
=pod
Packit Service 084de1
Packit Service 084de1 
=head1 NAME
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_lookup_crls_cb,
Packit Service 084de1 
X509_STORE_set_verify_func,
Packit Service 084de1 
X509_STORE_get_cleanup,
Packit Service 084de1 
X509_STORE_set_cleanup,
Packit Service 084de1 
X509_STORE_get_lookup_crls,
Packit Service 084de1 
X509_STORE_set_lookup_crls,
Packit Service 084de1 
X509_STORE_get_lookup_certs,
Packit Service 084de1 
X509_STORE_set_lookup_certs,
Packit Service 084de1 
X509_STORE_get_check_policy,
Packit Service 084de1 
X509_STORE_set_check_policy,
Packit Service 084de1 
X509_STORE_get_cert_crl,
Packit Service 084de1 
X509_STORE_set_cert_crl,
Packit Service 084de1 
X509_STORE_get_check_crl,
Packit Service 084de1 
X509_STORE_set_check_crl,
Packit Service 084de1 
X509_STORE_get_get_crl,
Packit Service 084de1 
X509_STORE_set_get_crl,
Packit Service 084de1 
X509_STORE_get_check_revocation,
Packit Service 084de1 
X509_STORE_set_check_revocation,
Packit Service 084de1 
X509_STORE_get_check_issued,
Packit Service 084de1 
X509_STORE_set_check_issued,
Packit Service 084de1 
X509_STORE_get_get_issuer,
Packit Service 084de1 
X509_STORE_set_get_issuer,
Packit Service 084de1 
X509_STORE_CTX_get_verify,
Packit Service 084de1 
X509_STORE_set_verify,
Packit Service 084de1 
X509_STORE_get_verify_cb,
Packit Service 084de1 
X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb,
Packit Service 084de1 
X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn,
Packit Service 084de1 
X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn,
Packit Service 084de1 
X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn,
Packit Service 084de1 
X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn,
Packit Service 084de1 
X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn
Packit Service 084de1 
- set verification callback
Packit Service 084de1
Packit Service 084de1 
=head1 SYNOPSIS
Packit Service 084de1
Packit Service 084de1 
 #include <openssl/x509_vfy.h>
Packit Service 084de1
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
Packit Service 084de1 
                                             X509_STORE_CTX *ctx, X509 *x);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
Packit Service 084de1 
                                               X509 *x, X509 *issuer);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
Packit Service 084de1 
                                          X509_CRL **crl, X509 *x);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
Packit Service 084de1 
                                           X509_CRL *crl, X509 *x);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
Packit Service 084de1 
 typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
Packit Service 084de1 
                                                           X509_NAME *nm);
Packit Service 084de1 
 typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
Packit Service 084de1 
                                                              X509_NAME *nm);
Packit Service 084de1 
 typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_verify_cb(X509_STORE *ctx,
Packit Service 084de1 
                               X509_STORE_CTX_verify_cb verify_cb);
Packit Service 084de1 
 X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
Packit Service 084de1 
 X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_get_issuer(X509_STORE *ctx,
Packit Service 084de1 
                                X509_STORE_CTX_get_issuer_fn get_issuer);
Packit Service 084de1 
 X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_check_issued(X509_STORE *ctx,
Packit Service 084de1 
                                  X509_STORE_CTX_check_issued_fn check_issued);
Packit Service 084de1 
 X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_check_revocation(X509_STORE *ctx,
Packit Service 084de1 
                                      X509_STORE_CTX_check_revocation_fn check_revocation);
Packit Service 084de1 
 X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_get_crl(X509_STORE *ctx,
Packit Service 084de1 
                             X509_STORE_CTX_get_crl_fn get_crl);
Packit Service 084de1 
 X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_check_crl(X509_STORE *ctx,
Packit Service 084de1 
                               X509_STORE_CTX_check_crl_fn check_crl);
Packit Service 084de1 
 X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_cert_crl(X509_STORE *ctx,
Packit Service 084de1 
                              X509_STORE_CTX_cert_crl_fn cert_crl);
Packit Service 084de1 
 X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_check_policy(X509_STORE *ctx,
Packit Service 084de1 
                                  X509_STORE_CTX_check_policy_fn check_policy);
Packit Service 084de1 
 X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_lookup_certs(X509_STORE *ctx,
Packit Service 084de1 
                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
Packit Service 084de1 
 X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_lookup_crls(X509_STORE *ctx,
Packit Service 084de1 
                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
Packit Service 084de1 
 X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 void X509_STORE_set_cleanup(X509_STORE *ctx,
Packit Service 084de1 
                             X509_STORE_CTX_cleanup_fn cleanup);
Packit Service 084de1 
 X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
Packit Service 084de1
Packit Service 084de1 
 /* Aliases */
Packit Service 084de1 
 void X509_STORE_set_verify_cb_func(X509_STORE *st,
Packit Service 084de1 
                                    X509_STORE_CTX_verify_cb verify_cb);
Packit Service 084de1 
 void X509_STORE_set_verify_func(X509_STORE *ctx,
Packit Service 084de1 
                                 X509_STORE_CTX_verify_fn verify);
Packit Service 084de1 
 void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
Packit Service 084de1 
                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);
Packit Service 084de1
Packit Service 084de1 
=head1 DESCRIPTION
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_verify_cb() sets the verification callback of B<ctx> to
Packit Service 084de1 
B<verify_cb> overwriting the previous callback.
Packit Service 084de1 
The callback assigned with this function becomes a default for the one
Packit Service 084de1 
that can be assigned directly to the corresponding B<X509_STORE_CTX>,
Packit Service 084de1 
please see L<X509_STORE_CTX_set_verify_cb(3)> for further information.
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_verify() sets the final chain verification function for
Packit Service 084de1 
B<ctx> to B<verify>.
Packit Service 084de1 
Its purpose is to go through the chain of certificates and check that
Packit Service 084de1 
all signatures are valid and that the current time is within the
Packit Service 084de1 
limits of each certificate's first and last validity time.
Packit Service 084de1 
The final chain verification functions must return 0 on failure and 1
Packit Service 084de1 
on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_get_issuer() sets the function to get the issuer
Packit Service 084de1 
certificate that verifies the given certificate B<x>.
Packit Service 084de1 
When found, the issuer certificate must be assigned to B<*issuer>.
Packit Service 084de1 
This function must return 0 on failure and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_check_issued() sets the function to check that a given
Packit Service 084de1 
certificate B<x> is issued with the issuer certificate B<issuer>.
Packit Service 084de1 
This function must return 0 on failure (among others if B<x> hasn't
Packit Service 084de1 
been issued with B<issuer>) and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_check_revocation() sets the revocation checking
Packit Service 084de1 
function.
Packit Service 084de1 
Its purpose is to look through the final chain and check the
Packit Service 084de1 
revocation status for each certificate.
Packit Service 084de1 
It must return 0 on failure and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_get_crl() sets the function to get the crl for a given
Packit Service 084de1 
certificate B<x>.
Packit Service 084de1 
When found, the crl must be assigned to B<*crl>.
Packit Service 084de1 
This function must return 0 on failure and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_check_crl() sets the function to check the validity of
Packit Service 084de1 
the given B<crl>.
Packit Service 084de1 
This function must return 0 on failure and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_cert_crl() sets the function to check the revocation
Packit Service 084de1 
status of the given certificate B<x> against the given B<crl>.
Packit Service 084de1 
This function must return 0 on failure and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_check_policy() sets the function to check the policies
Packit Service 084de1 
of all the certificates in the final chain..
Packit Service 084de1 
This function must return 0 on failure and 1 on success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the
Packit Service 084de1 
functions to look up all the certs or all the CRLs that match the
Packit Service 084de1 
given name B<nm>.
Packit Service 084de1 
These functions return NULL on failure and a pointer to a stack of
Packit Service 084de1 
certificates (B<X509>) or to a stack of CRLs (B<X509_CRL>) on
Packit Service 084de1 
success.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_cleanup() sets the final cleanup function, which is
Packit Service 084de1 
called when the context (B<X509_STORE_CTX>) is being torn down.
Packit Service 084de1 
This function doesn't return any value.
Packit Service 084de1 
I
Packit Service 084de1 
function will be used instead.>
Packit Service 084de1
Packit Service 084de1 
X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(),
Packit Service 084de1 
X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(),
Packit Service 084de1 
X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(),
Packit Service 084de1 
X509_STORE_get_check_crl(), X509_STORE_set_verify(),
Packit Service 084de1 
X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(),
Packit Service 084de1 
X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(),
Packit Service 084de1 
X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return
Packit Service 084de1 
the function pointer assigned with X509_STORE_set_check_issued(),
Packit Service 084de1 
X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(),
Packit Service 084de1 
X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(),
Packit Service 084de1 
X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(),
Packit Service 084de1 
X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if
Packit Service 084de1 
no assignment has been made.
Packit Service 084de1
Packit Service 084de1 
X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and
Packit Service 084de1 
X509_STORE_set_lookup_crls_cb() are aliases for
Packit Service 084de1 
X509_STORE_set_verify_cb(), X509_STORE_set_verify() and
Packit Service 084de1 
X509_STORE_set_lookup_crls, available as macros for backward
Packit Service 084de1 
compatibility.
Packit Service 084de1
Packit Service 084de1 
=head1 NOTES
Packit Service 084de1
Packit Service 084de1 
All the callbacks from a B<X509_STORE> are inherited by the
Packit Service 084de1 
corresponding B<X509_STORE_CTX> structure when it is initialized.
Packit Service 084de1 
See L<X509_STORE_CTX_set_verify_cb(3)> for further details.
Packit Service 084de1
Packit Service 084de1 
=head1 BUGS
Packit Service 084de1
Packit Service 084de1 
The macro version of this function was the only one available before
Packit Service 084de1 
OpenSSL 1.0.0.
Packit Service 084de1
Packit Service 084de1 
=head1 RETURN VALUES
Packit Service 084de1
Packit Service 084de1 
The X509_STORE_set_*() functions do not return a value.
Packit Service 084de1
Packit Service 084de1 
The X509_STORE_get_*() functions return a pointer of the appropriate
Packit Service 084de1 
function type.
Packit Service 084de1
Packit Service 084de1 
=head1 SEE ALSO
Packit Service 084de1
Packit Service 084de1 
L<X509_STORE_CTX_set_verify_cb(3)>, L<X509_STORE_CTX_get0_chain(3)>,
Packit Service 084de1 
L<X509_STORE_CTX_verify_cb(3)>, L<X509_STORE_CTX_verify_fn(3)>,
Packit Service 084de1 
L<CMS_verify(3)>
Packit Service 084de1
Packit Service 084de1 
=head1 HISTORY
Packit Service 084de1
Packit Service 084de1 
The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.
Packit Service 084de1
Packit Service 084de1 
The functions
Packit Service 084de1 
X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(),
Packit Service 084de1 
X509_STORE_set_verify(), X509_STORE_CTX_get_verify(),
Packit Service 084de1 
X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(),
Packit Service 084de1 
X509_STORE_set_check_issued(), X509_STORE_get_check_issued(),
Packit Service 084de1 
X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(),
Packit Service 084de1 
X509_STORE_set_get_crl(), X509_STORE_get_get_crl(),
Packit Service 084de1 
X509_STORE_set_check_crl(), X509_STORE_get_check_crl(),
Packit Service 084de1 
X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(),
Packit Service 084de1 
X509_STORE_set_check_policy(), X509_STORE_get_check_policy(),
Packit Service 084de1 
X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(),
Packit Service 084de1 
X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(),
Packit Service 084de1 
X509_STORE_set_cleanup() and X509_STORE_get_cleanup()
Packit Service 084de1 
were added in OpenSSL 1.1.0.
Packit Service 084de1
Packit Service 084de1 
=head1 COPYRIGHT
Packit Service 084de1
Packit Service 084de1 
Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
Packit Service 084de1
Packit Service 084de1 
Licensed under the OpenSSL license (the "License").  You may not use
Packit Service 084de1 
this file except in compliance with the License.  You can obtain a copy
Packit Service 084de1 
in the file LICENSE in the source distribution or at
Packit Service 084de1 
L<https://www.openssl.org/source/license.html>.
Packit Service 084de1
Packit Service 084de1 
=cut

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation