/*
 * TLS server-name callback handed to the SSL library.
 *
 * Forwards the event to the owner's server_name_func; `arg` is cast to the
 * MonoBtlsSslCtx that carries the handler and its instance pointer.
 * Returns SSL_TLSEXT_ERR_OK only when the handler answers exactly 1. Any
 * other answer sets *out_alert to SSL_AD_USER_CANCELLED and returns
 * SSL_TLSEXT_ERR_ALERT_FATAL.
 *
 * NOTE(review): server_name_func is invoked without a NULL check, unlike
 * select_func/verify_func in the other callbacks of this file. Presumably
 * this callback is only installed once a handler is set; confirm at the
 * registration site.
 */
static int
server_name_callback (SSL *ssl, int *out_alert, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx *)arg;
	int accepted = ctx->server_name_func (ctx->instance) == 1;

	if (!accepted) {
		*out_alert = SSL_AD_USER_CANCELLED;
		return SSL_TLSEXT_ERR_ALERT_FATAL;
	}

	return SSL_TLSEXT_ERR_OK;
}
/*
 * Certificate-selection callback: delegates to the owner's select_func.
 *
 * `arg` is cast to the MonoBtlsSslCtx that carries the handler and its
 * instance pointer. When no select_func is installed the callback reports
 * 1; otherwise the handler's return value is passed through unchanged.
 */
static int
cert_select_callback (SSL *ssl, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx *)arg;
	int result;

	debug_printf (ctx, "cert_select_callback(): %p\n", ctx->select_func);

	result = ctx->select_func ? ctx->select_func (ctx->instance) : 1;

	debug_printf (ctx, "cert_select_callback() #1: %d\n", result);
	return result;
}
/*
 * Certificate-verification callback.
 *
 * Runs X509_verify_cert() on the store context first. If a verify_func is
 * installed, it receives the instance pointer, the native result and the
 * store context, and its answer is returned. Without a verify_func the
 * native result is returned as-is.
 *
 * Security note: the handler's return value replaces the native result, so
 * a verify_func that ignores its second argument can accept a chain that
 * X509_verify_cert() rejected. Handlers should treat a failing native
 * result as authoritative unless they deliberately implement their own
 * trust policy.
 */
static int
cert_verify_callback (X509_STORE_CTX *storeCtx, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx *)arg;
	int native_result;

	debug_printf (ctx, "cert_verify_callback(): %p\n", ctx->verify_func);

	native_result = X509_verify_cert (storeCtx);
	debug_printf (ctx, "cert_verify_callback() #1: %d\n", native_result);

	if (!ctx->verify_func)
		return native_result;

	return ctx->verify_func (ctx->instance, native_result, storeCtx);
}
/*
 * Certificate-selection callback that also hands the CA name list to the
 * owner's select_func.
 *
 * Collects every X509_NAME returned by SSL_get_client_CA_list() into two
 * parallel arrays (pointer to the name's `bytes` buffer, and its length)
 * and passes them, with the entry count, to select_func. With no CA list
 * the handler receives count 0 and NULL arrays. With no select_func the
 * callback reports 1. An allocation failure reports 0 without calling the
 * handler.
 *
 * Lifetime: the data pointers are borrowed from the X509_NAME objects, not
 * copied, and both arrays are freed before this function returns. A handler
 * must copy anything it needs to keep beyond the call.
 *
 * NOTE(review): name->bytes is dereferenced without a NULL check, and the
 * stack size and buffer lengths are narrowed to int. Confirm both are
 * safe for names received from a peer.
 */
static int
cert_select_callback (SSL *ssl, void *arg)
{
	MonoBtlsSslCtx *ctx = (MonoBtlsSslCtx *)arg;
	STACK_OF(X509_NAME) *names;
	void **name_data = NULL;
	int *name_sizes = NULL;
	int name_count = 0;
	int result = 1;
	int idx;

	debug_printf (ctx, "cert_select_callback(): %p\n", ctx->select_func);

	// SSL_get_client_CA_list() may only be called during this callback.
	names = SSL_get_client_CA_list (ssl);
	if (names != NULL) {
		name_count = (int)sk_X509_NAME_num (names);
		/* Both arrays are sized count + 1; only the first `count` slots are filled. */
		name_data = OPENSSL_malloc (sizeof (void *) * (name_count + 1));
		name_sizes = OPENSSL_malloc (sizeof (int) * (name_count + 1));
		if (name_data == NULL || name_sizes == NULL) {
			result = 0;
			goto out;
		}

		for (idx = 0; idx < name_count; idx++) {
			X509_NAME *entry = sk_X509_NAME_value (names, idx);

			name_data[idx] = entry->bytes->data;
			name_sizes[idx] = (int)entry->bytes->length;
		}
	}

	debug_printf (ctx, "cert_select_callback() #1: %p\n", names);

	if (ctx->select_func)
		result = ctx->select_func (ctx->instance, name_count, name_sizes, name_data);

	debug_printf (ctx, "cert_select_callback() #1: %d\n", result);

out:
	/* Only the index arrays are owned here; the name buffers are not. */
	if (name_data != NULL)
		OPENSSL_free (name_data);
	if (name_sizes != NULL)
		OPENSSL_free (name_sizes);
	return result;
}