diff options
Diffstat (limited to 'ace/SSL/SSL_Context.h')
-rw-r--r-- | ace/SSL/SSL_Context.h | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/ace/SSL/SSL_Context.h b/ace/SSL/SSL_Context.h index 1d7067fa204..575e5ca02bd 100644 --- a/ace/SSL/SSL_Context.h +++ b/ace/SSL/SSL_Context.h @@ -264,7 +264,6 @@ public: */ void set_verify_peer (int strict = 0, int once = 1, int depth = 0); - /// TODO: a implementation that will lookup the CTX table for the list /// of files and paths etc. /// Query the location of trusted certification authority @@ -281,6 +280,14 @@ public: int default_verify_mode (void) const; /** + * Set and query the default verify callback for this context, it is + * inherited by all the ACE_SSL objects created using the context. + * It can be overriden on a per-ACE_SSL object. + */ + void default_verify_callback (int (*callback) (int, X509_STORE_CTX *)); + int (*default_verify_callback(void) const) (int,X509_STORE_CTX *); + + /** * @name OpenSSL Random Number Generator Seed Related Methods * * These are methods that can be used to seed OpenSSL's @@ -354,7 +361,7 @@ private: /// Cache the mode so we can answer fast int mode_; - /// The private key, certificate, and Diffie-Hellman paramters files + /// The private key, certificate, and Diffie-Hellman parameters files ACE_SSL_Data_File private_key_; ACE_SSL_Data_File certificate_; ACE_SSL_Data_File dh_params_; @@ -362,6 +369,9 @@ private: /// The default verify mode. int default_verify_mode_; + /// The default verify callback. + int (*default_verify_callback_)(int, X509_STORE_CTX *); + /// count of successful CA load attempts int have_ca_; |