NAME
X509_STORE_set_verify_cb,
X509_STORE_set_verify_cb_func,
X509_STORE_set_verify_func —
set verification callback
SYNOPSIS
#include
<openssl/x509_vfy.h>
void
X509_STORE_set_verify_cb(X509_STORE
*st, int (*verify_cb)(int ok, X509_STORE_CTX
*ctx));
void
X509_STORE_set_verify_cb_func(X509_STORE
*st, int (*verify_cb)(int ok, X509_STORE_CTX
*ctx));
void
X509_STORE_set_verify_func(X509_STORE
*st, int (*verify_func)(X509_STORE_CTX
*ctx));
DESCRIPTION
X509_STORE_set_verify_cb()
sets the verification callback of
ctx to
verify_cb,
overwriting any existing callback.
X509_STORE_set_verify_cb_func()
also sets the verification callback but it is implemented as a macro.
The verification callback from an X509_STORE is inherited by the corresponding X509_STORE_CTX structure when it is initialized. This can be used to set the verification callback when the X509_STORE_CTX is otherwise inaccessible (for example during S/MIME verification).
X509_STORE_set_verify_func()
sets the final chain verification function for st to
verify_func. Its purpose is to go through the chain of
certificates and check that all signatures are valid and that the current
time is within the limits of each certificate's first and last validity
time. The final chain verification function must return 0 on failure and 1
on success. If X509_STORE_set_verify_func() is not
called or called with verify_func set to a
NULL pointer, the built-in default function is
used.
SEE ALSO
HISTORY
X509_STORE_set_verify_cb_func() and
X509_STORE_set_verify_func() first appeared in
SSLeay 0.8.0 and have been available since OpenBSD
2.4.
X509_STORE_set_verify_cb() first appeared
in OpenSSL 1.0.0 and has been available since OpenBSD
4.9.