Beispiel #1
/*
 * TLS server-name (SNI) callback.
 *
 * `arg` is the MonoBtlsSslCtx registered with the callback. The decision is
 * delegated to ctx->server_name_func, which is called unconditionally (no NULL
 * check here, so it must be set before this callback is installed).
 *
 * Returns SSL_TLSEXT_ERR_OK only when the delegate returns exactly 1. Any
 * other value aborts the handshake: *out_alert is set to
 * SSL_AD_USER_CANCELLED and SSL_TLSEXT_ERR_ALERT_FATAL is returned.
 */
static int
server_name_callback (SSL *ssl, int *out_alert, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx *)arg;
	int accepted = ctx->server_name_func (ctx->instance) == 1;

	if (!accepted) {
		/* Fail closed: anything other than an explicit 1 is a rejection. */
		*out_alert = SSL_AD_USER_CANCELLED;
		return SSL_TLSEXT_ERR_ALERT_FATAL;
	}

	return SSL_TLSEXT_ERR_OK;
}
/*
 * Certificate-selection callback.
 *
 * `arg` is the MonoBtlsSslCtx registered with the callback. When a
 * select_func delegate is installed its return value is handed back to the
 * TLS library unchanged; when none is installed the callback returns 1.
 * The delegate pointer and the result are traced through debug_printf.
 */
static int
cert_select_callback (SSL *ssl, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx*)arg;
	int result;

	debug_printf (ctx, "cert_select_callback(): %p\n", ctx->select_func);
	/* No delegate means "nothing to select": report success (1). */
	result = ctx->select_func ? ctx->select_func (ctx->instance) : 1;
	debug_printf (ctx, "cert_select_callback() #1: %d\n", result);

	return result;
}
/*
 * Certificate-verification callback.
 *
 * Runs the library's chain verification (X509_verify_cert) on storeCtx and,
 * when a verify_func delegate is installed, passes that result to the
 * delegate together with storeCtx.
 *
 * Security note: the delegate's return value REPLACES the result of
 * X509_verify_cert. A delegate that returns 1 regardless of its `ret`
 * argument therefore accepts a chain the library rejected; the delegate is
 * the final trust decision and must treat the incoming result accordingly.
 * Without a delegate the library result is returned as is.
 */
static int
cert_verify_callback (X509_STORE_CTX *storeCtx, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx*)arg;
	int verified;

	debug_printf (ctx, "cert_verify_callback(): %p\n", ctx->verify_func);
	verified = X509_verify_cert (storeCtx);
	debug_printf (ctx, "cert_verify_callback() #1: %d\n", verified);

	/* No delegate: the built-in verification result stands. */
	if (!ctx->verify_func)
		return verified;

	/* The delegate sees the built-in result and may override it. */
	return ctx->verify_func (ctx->instance, verified, storeCtx);
}
Beispiel #4
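/*
 * Certificate-selection callback that also forwards the acceptable-CA list.
 *
 * `arg` is the MonoBtlsSslCtx registered with the callback. The CA names
 * returned by SSL_get_client_CA_list() are flattened into two parallel
 * arrays (encoded-name pointer and length per entry) and passed to
 * select_func as (instance, count, sizes, cadata).
 *
 * Lifetime: cadata[i] points into the X509_NAME objects owned by the list,
 * not at copies. The pointers are borrowed and the arrays are freed before
 * this function returns, so select_func must copy anything it wants to keep.
 * NOTE(review): on the client side this list originates from the peer's
 * certificate request, so the delegate should treat the names as untrusted
 * input - confirm against the caller.
 *
 * Returns the delegate's result, 1 when no delegate is installed, or 0 when
 * the arrays cannot be allocated or a list entry has no encoded bytes.
 */
static int
cert_select_callback (SSL *ssl, void *arg)
{
	MonoBtlsSslCtx *ptr = (MonoBtlsSslCtx*)arg;
	STACK_OF(X509_NAME) *ca_list;
	int *sizes = NULL;
	void **cadata = NULL;
	int count = 0;
	int ret = 1;
	int i;

	debug_printf (ptr, "cert_select_callback(): %p\n", ptr->select_func);

	// SSL_get_client_CA_list() may only be called during this callback.
	ca_list = SSL_get_client_CA_list (ssl);
	if (ca_list) {
		count = (int)sk_X509_NAME_num (ca_list);
		/* count + 1 slots: presumably so an empty list never requests zero bytes. */
		cadata = OPENSSL_malloc (sizeof (*cadata) * (count + 1));
		sizes = OPENSSL_malloc (sizeof (*sizes) * (count + 1));
		if (!cadata || !sizes) {
			ret = 0;
			goto out;
		}
		for (i = 0; i < count; i++) {
			X509_NAME *name = sk_X509_NAME_value (ca_list, i);

			/* Defensive: fail the selection rather than dereference NULL. */
			if (!name || !name->bytes) {
				ret = 0;
				goto out;
			}
			cadata[i] = name->bytes->data;
			sizes[i] = (int)name->bytes->length;
		}
	}

	debug_printf (ptr, "cert_select_callback() #1: %p\n", ca_list);

	if (ptr->select_func)
		ret = ptr->select_func (ptr->instance, count, sizes, cadata);
	/* Distinct label so the two trace lines can be told apart in logs. */
	debug_printf (ptr, "cert_select_callback() #2: %d\n", ret);

out:
	/* OPENSSL_free() accepts NULL, so no guards are needed. */
	OPENSSL_free (cadata);
	OPENSSL_free (sizes);

	return ret;
}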