Poster of Linux kernelThe best gift for a Linux geek
Callback Functions

Callback Functions

Section: globus gsi callback (3) Updated: Sat Oct 16 2010
Local index Up
 

NAME

Callback Functions -

Functions that plug into various plug points in the OpenSSL path validation mechanism.

 

Typedefs


typedef int(* globus_gsi_extension_callback_t )(globus_gsi_callback_data_t callback_data, X509_EXTENSION *extension)
 

Get callback data index from X509_STORE


 
globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int *index)
 

Get callback data index from SSL structure


 
globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int *index)
 

Certificate verify wrapper


 
int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX *context, void *arg)
 

Independent path validation callback.


 
int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX *x509_context)
 

SSL path validation callback.


 
int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX *x509_context)
 

OpenSSL X509_check_issued() wrapper


 
int globus_gsi_callback_check_issued (X509_STORE_CTX *context, X509 *cert, X509 *issuer)
 

Detailed Description

Functions that plug into various plug points in the OpenSSL path validation mechanism.

These functions add CRL checking, X509 Extension handling and proxy validation.  

Typedef Documentation

 

typedef int(* globus_gsi_extension_callback_t)(globus_gsi_callback_data_t callback_data, X509_EXTENSION *extension)

Typedef for a callback that may be registered for dealing with unhandled X.509 extension.  

Function Documentation

 

globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int * index)

Retrieve or create the index for our callback data structure in the X509_STORE. Parameters:

index Will contain the index upon return

Returns:

GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

 

globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int * index)

Retrieve or create the index for our callback data structure in the SSL structure. Parameters:

index Will contain the index upon return

Returns:

GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

 

int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX * context, void * arg)

This function wraps the OpenSSL certificate verification callback for the purpose of a replacing the standard issuer check with one that deals with proxy certificates. Should be used with SSL_CTX_set_cert_verify_callback()

Parameters:

context The X509_STORE_CTX for which to register the callback.
arg Arguments to the callback. Currently ignored.

Returns:

1 on success 0 on failure

 

int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX * x509_context)

This function provides a path validation callback for validation outside of a SSL session. It should be used in X509_STORE_set_verify_cb_func().

Parameters:

preverify_ok Communicates the result of default validation steps performed by OpenSSL
x509_context The validation state object

Returns:

1 on success 0 on failure

 

int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX * x509_context)

This function provides a path validation callback for the validation part of establishing a SSL session. It handles proxy certificates, X509 Extensions and CRL checking. It should be used in SSL_CTX_set_verify().

Parameters:

preverify_ok Communicates the result of default validation steps performed by OpenSSL
x509_context The validation state object.

Returns:

1 on success 0 on failure

 

int globus_gsi_callback_check_issued (X509_STORE_CTX * context, X509 * cert, X509 * issuer)

This function wraps the OpenSSL X509_check_issued() call and catches the error caused by the fact that a proxy certificate issuer may not have to have the correct KeyUsage fields set. Parameters:

context The validation state object.
cert The certificate to check
issuer The issuer certificate to check

Returns:

1 on success 0 on failure

 

Author

Generated automatically by Doxygen for globus gsi callback from the source code.


 

Index

NAME
Typedefs
Get callback data index from X509_STORE
Get callback data index from SSL structure
Certificate verify wrapper
Independent path validation callback.
SSL path validation callback.
OpenSSL X509_check_issued() wrapper
Detailed Description
Typedef Documentation
typedef int(* globus_gsi_extension_callback_t)(globus_gsi_callback_data_t callback_data, X509_EXTENSION *extension)
Function Documentation
globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int * index)
globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int * index)
int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX * context, void * arg)
int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX * x509_context)
int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX * x509_context)
int globus_gsi_callback_check_issued (X509_STORE_CTX * context, X509 * cert, X509 * issuer)
Author

This document was created by man2html, using the manual pages.
Time: 21:47:02 GMT, April 16, 2011