[EMAIL PROTECTED] - Fri Jun 24 18:23:27 2005]:
> Sometimes it is needed to do something with errors during X.509
> certificate validation. For example, collect all error messages
> in some memory space.
>
> Unfortunately, verify callback function only takes preverify status
> and a pointer to X509_STORE structure. If this structure had some
> "void* userdata" field - it would be possible to do it without using
> global variables.
Use the ex_data structure. Some very simple code to get an appropriate
index, store data and retreive it:
X509_user_data_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
int ind,long argl, void *argp)
{
free(item);
}
int X509_user_data_index()
{
static index = -1;
if (index == -1)
{
index = X509_STORE_CTX_get_ex_new_index(0, "X509 Store", NULL,
NULL,
X509_user_data_ex_free);
}
return index;
}
/* Store */
X509_STORE_CTX_set_ex_data(ctx, X509_user_data_index(), your_data);
/* Retreive */
your_data = X509_STORE_CTX_set_ex_data(ctx, X509_user_data_index());
Case dismissed.
--
Richard Levitte
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
