<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html><head><meta name="robots" content="noindex">
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<!-- THIS FILE IS AUTOMATICALLY GENERATED FROM THE GLOBUS SOURCE CODE
DO NOT MODIFY.
-->
<title>Globus Reference Manual</title>
<link href="doxygen.css" rel="stylesheet" type="text/css">
<link href="tabs.css" rel="stylesheet" type="text/css">
</head>
<body>
<!-- Generated by Doxygen 1.8.3.1 -->
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="pages.html"><span>Related Pages</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
</ul>
</div>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
<div id="nav-tree">
<div id="nav-tree-contents">
<div id="nav-sync" class="sync"></div>
</div>
</div>
<div id="splitbar" style="-moz-user-select:none;"
class="ui-resizable-handle">
</div>
</div>
<script type="text/javascript">
$(document).ready(function(){initNavTree('group__globus__gsi__callback.html','');});
</script>
<div id="doc-content">
<div class="header">
<div class="summary">
<a href="#typedef-members">Typedefs</a> </div>
<div class="headertitle">
<div class="title">Callback Functions</div> </div>
</div><!--header-->
<div class="contents">
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="typedef-members"></a>
Typedefs</h2></td></tr>
<tr class="memitem:gab8ea0fdaa7d613a4cf1356213e9677f5"><td class="memItemLeft" align="right" valign="top">typedef int(* </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gab8ea0fdaa7d613a4cf1356213e9677f5">globus_gsi_extension_callback_t</a> )(<a class="el" href="group__globus__gsi__callback__data.html#ga3ae70b8c3f086611aeb22918962f7674">globus_gsi_callback_data_t</a> callback_data, X509_EXTENSION *extension)</td></tr>
<tr class="separator:gab8ea0fdaa7d613a4cf1356213e9677f5"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a>
Get callback data index from X509_STORE</h2></td></tr>
<tr class="memitem:gae6aec85d1c12898df6fab8ccd1eed776"><td class="memItemLeft" align="right" valign="top">globus_result_t </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gae6aec85d1c12898df6fab8ccd1eed776">globus_gsi_callback_get_X509_STORE_callback_data_index</a> (int *index)</td></tr>
<tr class="separator:gae6aec85d1c12898df6fab8ccd1eed776"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a>
Get callback data index from SSL structure</h2></td></tr>
<tr class="memitem:gad1c92597247081cf75c130e43ddaa4bf"><td class="memItemLeft" align="right" valign="top">globus_result_t </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gad1c92597247081cf75c130e43ddaa4bf">globus_gsi_callback_get_SSL_callback_data_index</a> (int *index)</td></tr>
<tr class="separator:gad1c92597247081cf75c130e43ddaa4bf"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a>
Certificate verify wrapper</h2></td></tr>
<tr class="memitem:gacdd68ac96173d118c50092a888f022de"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gacdd68ac96173d118c50092a888f022de">globus_gsi_callback_X509_verify_cert</a> (X509_STORE_CTX *context, void *arg)</td></tr>
<tr class="separator:gacdd68ac96173d118c50092a888f022de"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a>
Independent path validation callback.</h2></td></tr>
<tr class="memitem:ga89eecf0be1d25519a218c7feafd502f6"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#ga89eecf0be1d25519a218c7feafd502f6">globus_gsi_callback_create_proxy_callback</a> (int preverify_ok, X509_STORE_CTX *x509_context)</td></tr>
<tr class="separator:ga89eecf0be1d25519a218c7feafd502f6"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a>
SSL path validation callback.</h2></td></tr>
<tr class="memitem:gaef8044b5aeb67947628746c1332a6f8c"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gaef8044b5aeb67947628746c1332a6f8c">globus_gsi_callback_handshake_callback</a> (int preverify_ok, X509_STORE_CTX *x509_context)</td></tr>
<tr class="separator:gaef8044b5aeb67947628746c1332a6f8c"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a>
OpenSSL X509_check_issued() wrapper</h2></td></tr>
<tr class="memitem:ga72d5aebde5e0a719ba0d172f74e63bb7"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#ga72d5aebde5e0a719ba0d172f74e63bb7">globus_gsi_callback_check_issued</a> (X509_STORE_CTX *context, X509 *cert, X509 *issuer)</td></tr>
<tr class="separator:ga72d5aebde5e0a719ba0d172f74e63bb7"><td class="memSeparator" colspan="2"> </td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<p>Functions that plug into various plug points in the OpenSSL path validation mechanism. </p>
<p>These functions add CRL checking, X509 Extension handling and proxy validation. </p>
<h2 class="groupheader">Typedef Documentation</h2>
<a class="anchor" id="gab8ea0fdaa7d613a4cf1356213e9677f5"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">typedef int(* globus_gsi_extension_callback_t)(<a class="el" href="group__globus__gsi__callback__data.html#ga3ae70b8c3f086611aeb22918962f7674">globus_gsi_callback_data_t</a> callback_data, X509_EXTENSION *extension)</td>
</tr>
</table>
</div><div class="memdoc">
<p>Typedef for a callback that may be registered for dealing with unhandled X.509 extension. </p>
</div>
</div>
<h2 class="groupheader">Function Documentation</h2>
<a class="anchor" id="gae6aec85d1c12898df6fab8ccd1eed776"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index </td>
<td>(</td>
<td class="paramtype">int * </td>
<td class="paramname"><em>index</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Retrieve or create the index for our callback data structure in the X509_STORE. </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">index</td><td>Will contain the index upon return</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned </dd></dl>
<p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2ea9cc2aded2617501f113335080807d0b9">GLOBUS_GSI_CALLBACK_ERROR_WITH_CALLBACK_DATA_INDEX</a>.</p>
</div>
</div>
<a class="anchor" id="gad1c92597247081cf75c130e43ddaa4bf"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">globus_result_t globus_gsi_callback_get_SSL_callback_data_index </td>
<td>(</td>
<td class="paramtype">int * </td>
<td class="paramname"><em>index</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Retrieve or create the index for our callback data structure in the SSL structure. </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">index</td><td>Will contain the index upon return</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned </dd></dl>
<p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2ea9cc2aded2617501f113335080807d0b9">GLOBUS_GSI_CALLBACK_ERROR_WITH_CALLBACK_DATA_INDEX</a>.</p>
</div>
</div>
<a class="anchor" id="gacdd68ac96173d118c50092a888f022de"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int globus_gsi_callback_X509_verify_cert </td>
<td>(</td>
<td class="paramtype">X509_STORE_CTX * </td>
<td class="paramname"><em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">void * </td>
<td class="paramname"><em>arg</em> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>This function wraps the OpenSSL certificate verification callback for the purpose of a replacing the standard issuer check with one that deals with proxy certificates. </p>
<p>Should be used with SSL_CTX_set_cert_verify_callback()</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">context</td><td>The X509_STORE_CTX for which to register the callback. </td></tr>
<tr><td class="paramname">arg</td><td>Arguments to the callback. Currently ignored. </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl>
<p>References <a class="el" href="group__globus__gsi__callback.html#ga72d5aebde5e0a719ba0d172f74e63bb7">globus_gsi_callback_check_issued()</a>.</p>
</div>
</div>
<a class="anchor" id="ga89eecf0be1d25519a218c7feafd502f6"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int globus_gsi_callback_create_proxy_callback </td>
<td>(</td>
<td class="paramtype">int </td>
<td class="paramname"><em>preverify_ok</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">X509_STORE_CTX * </td>
<td class="paramname"><em>x509_context</em> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>This function provides a path validation callback for validation outside of a SSL session. </p>
<p>It should be used in X509_STORE_set_verify_cb_func().</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">preverify_ok</td><td>Communicates the result of default validation steps performed by OpenSSL </td></tr>
<tr><td class="paramname">x509_context</td><td>The validation state object </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl>
<p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2eaa76ac35b98ef23144e3b79224b51f76c">GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED</a>, and <a class="el" href="group__globus__gsi__callback.html#gae6aec85d1c12898df6fab8ccd1eed776">globus_gsi_callback_get_X509_STORE_callback_data_index()</a>.</p>
</div>
</div>
<a class="anchor" id="gaef8044b5aeb67947628746c1332a6f8c"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int globus_gsi_callback_handshake_callback </td>
<td>(</td>
<td class="paramtype">int </td>
<td class="paramname"><em>preverify_ok</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">X509_STORE_CTX * </td>
<td class="paramname"><em>x509_context</em> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>This function provides a path validation callback for the validation part of establishing a SSL session. </p>
<p>It handles proxy certificates, X509 Extensions and CRL checking. It should be used in SSL_CTX_set_verify().</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">preverify_ok</td><td>Communicates the result of default validation steps performed by OpenSSL </td></tr>
<tr><td class="paramname">x509_context</td><td>The validation state object. </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl>
<p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2eaa76ac35b98ef23144e3b79224b51f76c">GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED</a>, and <a class="el" href="group__globus__gsi__callback.html#gad1c92597247081cf75c130e43ddaa4bf">globus_gsi_callback_get_SSL_callback_data_index()</a>.</p>
</div>
</div>
<a class="anchor" id="ga72d5aebde5e0a719ba0d172f74e63bb7"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int globus_gsi_callback_check_issued </td>
<td>(</td>
<td class="paramtype">X509_STORE_CTX * </td>
<td class="paramname"><em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">X509 * </td>
<td class="paramname"><em>cert</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">X509 * </td>
<td class="paramname"><em>issuer</em> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>This function wraps the OpenSSL X509_check_issued() call and catches the error caused by the fact that a proxy certificate issuer may not have to have the correct KeyUsage fields set. </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">context</td><td>The validation state object. </td></tr>
<tr><td class="paramname">cert</td><td>The certificate to check </td></tr>
<tr><td class="paramname">issuer</td><td>The issuer certificate to check </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl>
</div>
</div>
</div><!-- contents -->
</div><!-- doc-content -->
<hr>
<p align="center">
<a href="http://www.globus.org/toolkit/about.html" target="_top">about globus</a> |
<a href="http://www.globus.org/toolkit/" target="_top">globus toolkit</a> |
<a href="https://dev.globus.org/wiki/Welcome/" target="_top">dev.globus</a>
<br>
<br>
Comments? <a href="mailto:webmaster@globus.org">webmaster@globus.org</a>
</body>
</html>
