<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><meta name="robots" content="noindex"> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <!-- THIS FILE IS AUTOMATICALLY GENERATED FROM THE GLOBUS SOURCE CODE DO NOT MODIFY. --> <title>Globus Reference Manual</title> <link href="doxygen.css" rel="stylesheet" type="text/css"> <link href="tabs.css" rel="stylesheet" type="text/css"> </head> <body> <!-- Generated by Doxygen 1.8.3.1 --> <div id="navrow1" class="tabs"> <ul class="tablist"> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="pages.html"><span>Related Pages</span></a></li> <li><a href="modules.html"><span>Modules</span></a></li> </ul> </div> </div><!-- top --> <div id="side-nav" class="ui-resizable side-nav-resizable"> <div id="nav-tree"> <div id="nav-tree-contents"> <div id="nav-sync" class="sync"></div> </div> </div> <div id="splitbar" style="-moz-user-select:none;" class="ui-resizable-handle"> </div> </div> <script type="text/javascript"> $(document).ready(function(){initNavTree('group__globus__gsi__callback.html','');}); </script> <div id="doc-content"> <div class="header"> <div class="summary"> <a href="#typedef-members">Typedefs</a> </div> <div class="headertitle"> <div class="title">Callback Functions</div> </div> </div><!--header--> <div class="contents"> <table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="typedef-members"></a> Typedefs</h2></td></tr> <tr class="memitem:gab8ea0fdaa7d613a4cf1356213e9677f5"><td class="memItemLeft" align="right" valign="top">typedef int(* </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gab8ea0fdaa7d613a4cf1356213e9677f5">globus_gsi_extension_callback_t</a> )(<a class="el" href="group__globus__gsi__callback__data.html#ga3ae70b8c3f086611aeb22918962f7674">globus_gsi_callback_data_t</a> callback_data, X509_EXTENSION *extension)</td></tr> <tr class="separator:gab8ea0fdaa7d613a4cf1356213e9677f5"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Get callback data index from X509_STORE</h2></td></tr> <tr class="memitem:gae6aec85d1c12898df6fab8ccd1eed776"><td class="memItemLeft" align="right" valign="top">globus_result_t </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gae6aec85d1c12898df6fab8ccd1eed776">globus_gsi_callback_get_X509_STORE_callback_data_index</a> (int *index)</td></tr> <tr class="separator:gae6aec85d1c12898df6fab8ccd1eed776"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Get callback data index from SSL structure</h2></td></tr> <tr class="memitem:gad1c92597247081cf75c130e43ddaa4bf"><td class="memItemLeft" align="right" valign="top">globus_result_t </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gad1c92597247081cf75c130e43ddaa4bf">globus_gsi_callback_get_SSL_callback_data_index</a> (int *index)</td></tr> <tr class="separator:gad1c92597247081cf75c130e43ddaa4bf"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Certificate verify wrapper</h2></td></tr> <tr class="memitem:gacdd68ac96173d118c50092a888f022de"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gacdd68ac96173d118c50092a888f022de">globus_gsi_callback_X509_verify_cert</a> (X509_STORE_CTX *context, void *arg)</td></tr> <tr class="separator:gacdd68ac96173d118c50092a888f022de"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Independent path validation callback.</h2></td></tr> <tr class="memitem:ga89eecf0be1d25519a218c7feafd502f6"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#ga89eecf0be1d25519a218c7feafd502f6">globus_gsi_callback_create_proxy_callback</a> (int preverify_ok, X509_STORE_CTX *x509_context)</td></tr> <tr class="separator:ga89eecf0be1d25519a218c7feafd502f6"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> SSL path validation callback.</h2></td></tr> <tr class="memitem:gaef8044b5aeb67947628746c1332a6f8c"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#gaef8044b5aeb67947628746c1332a6f8c">globus_gsi_callback_handshake_callback</a> (int preverify_ok, X509_STORE_CTX *x509_context)</td></tr> <tr class="separator:gaef8044b5aeb67947628746c1332a6f8c"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> OpenSSL X509_check_issued() wrapper</h2></td></tr> <tr class="memitem:ga72d5aebde5e0a719ba0d172f74e63bb7"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__globus__gsi__callback.html#ga72d5aebde5e0a719ba0d172f74e63bb7">globus_gsi_callback_check_issued</a> (X509_STORE_CTX *context, X509 *cert, X509 *issuer)</td></tr> <tr class="separator:ga72d5aebde5e0a719ba0d172f74e63bb7"><td class="memSeparator" colspan="2"> </td></tr> </table> <a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2> <p>Functions that plug into various plug points in the OpenSSL path validation mechanism. </p> <p>These functions add CRL checking, X509 Extension handling and proxy validation. </p> <h2 class="groupheader">Typedef Documentation</h2> <a class="anchor" id="gab8ea0fdaa7d613a4cf1356213e9677f5"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef int(* globus_gsi_extension_callback_t)(<a class="el" href="group__globus__gsi__callback__data.html#ga3ae70b8c3f086611aeb22918962f7674">globus_gsi_callback_data_t</a> callback_data, X509_EXTENSION *extension)</td> </tr> </table> </div><div class="memdoc"> <p>Typedef for a callback that may be registered for dealing with unhandled X.509 extension. </p> </div> </div> <h2 class="groupheader">Function Documentation</h2> <a class="anchor" id="gae6aec85d1c12898df6fab8ccd1eed776"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index </td> <td>(</td> <td class="paramtype">int * </td> <td class="paramname"><em>index</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Retrieve or create the index for our callback data structure in the X509_STORE. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">index</td><td>Will contain the index upon return</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned </dd></dl> <p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2ea9cc2aded2617501f113335080807d0b9">GLOBUS_GSI_CALLBACK_ERROR_WITH_CALLBACK_DATA_INDEX</a>.</p> </div> </div> <a class="anchor" id="gad1c92597247081cf75c130e43ddaa4bf"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">globus_result_t globus_gsi_callback_get_SSL_callback_data_index </td> <td>(</td> <td class="paramtype">int * </td> <td class="paramname"><em>index</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Retrieve or create the index for our callback data structure in the SSL structure. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">index</td><td>Will contain the index upon return</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned </dd></dl> <p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2ea9cc2aded2617501f113335080807d0b9">GLOBUS_GSI_CALLBACK_ERROR_WITH_CALLBACK_DATA_INDEX</a>.</p> </div> </div> <a class="anchor" id="gacdd68ac96173d118c50092a888f022de"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int globus_gsi_callback_X509_verify_cert </td> <td>(</td> <td class="paramtype">X509_STORE_CTX * </td> <td class="paramname"><em>context</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">void * </td> <td class="paramname"><em>arg</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>This function wraps the OpenSSL certificate verification callback for the purpose of a replacing the standard issuer check with one that deals with proxy certificates. </p> <p>Should be used with SSL_CTX_set_cert_verify_callback()</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">context</td><td>The X509_STORE_CTX for which to register the callback. </td></tr> <tr><td class="paramname">arg</td><td>Arguments to the callback. Currently ignored. </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl> <p>References <a class="el" href="group__globus__gsi__callback.html#ga72d5aebde5e0a719ba0d172f74e63bb7">globus_gsi_callback_check_issued()</a>.</p> </div> </div> <a class="anchor" id="ga89eecf0be1d25519a218c7feafd502f6"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int globus_gsi_callback_create_proxy_callback </td> <td>(</td> <td class="paramtype">int </td> <td class="paramname"><em>preverify_ok</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">X509_STORE_CTX * </td> <td class="paramname"><em>x509_context</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>This function provides a path validation callback for validation outside of a SSL session. </p> <p>It should be used in X509_STORE_set_verify_cb_func().</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">preverify_ok</td><td>Communicates the result of default validation steps performed by OpenSSL </td></tr> <tr><td class="paramname">x509_context</td><td>The validation state object </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl> <p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2eaa76ac35b98ef23144e3b79224b51f76c">GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED</a>, and <a class="el" href="group__globus__gsi__callback.html#gae6aec85d1c12898df6fab8ccd1eed776">globus_gsi_callback_get_X509_STORE_callback_data_index()</a>.</p> </div> </div> <a class="anchor" id="gaef8044b5aeb67947628746c1332a6f8c"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int globus_gsi_callback_handshake_callback </td> <td>(</td> <td class="paramtype">int </td> <td class="paramname"><em>preverify_ok</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">X509_STORE_CTX * </td> <td class="paramname"><em>x509_context</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>This function provides a path validation callback for the validation part of establishing a SSL session. </p> <p>It handles proxy certificates, X509 Extensions and CRL checking. It should be used in SSL_CTX_set_verify().</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">preverify_ok</td><td>Communicates the result of default validation steps performed by OpenSSL </td></tr> <tr><td class="paramname">x509_context</td><td>The validation state object. </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl> <p>References <a class="el" href="group__globus__gsi__callback__constants.html#gga2f7ad05d55ce101a57f62842ce0f6f2eaa76ac35b98ef23144e3b79224b51f76c">GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED</a>, and <a class="el" href="group__globus__gsi__callback.html#gad1c92597247081cf75c130e43ddaa4bf">globus_gsi_callback_get_SSL_callback_data_index()</a>.</p> </div> </div> <a class="anchor" id="ga72d5aebde5e0a719ba0d172f74e63bb7"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int globus_gsi_callback_check_issued </td> <td>(</td> <td class="paramtype">X509_STORE_CTX * </td> <td class="paramname"><em>context</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">X509 * </td> <td class="paramname"><em>cert</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">X509 * </td> <td class="paramname"><em>issuer</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>This function wraps the OpenSSL X509_check_issued() call and catches the error caused by the fact that a proxy certificate issuer may not have to have the correct KeyUsage fields set. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">context</td><td>The validation state object. </td></tr> <tr><td class="paramname">cert</td><td>The certificate to check </td></tr> <tr><td class="paramname">issuer</td><td>The issuer certificate to check </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>1 on success 0 on failure </dd></dl> </div> </div> </div><!-- contents --> </div><!-- doc-content --> <hr> <p align="center"> <a href="http://www.globus.org/toolkit/about.html" target="_top">about globus</a> | <a href="http://www.globus.org/toolkit/" target="_top">globus toolkit</a> | <a href="https://dev.globus.org/wiki/Welcome/" target="_top">dev.globus</a> <br> <br> Comments? <a href="mailto:webmaster@globus.org">webmaster@globus.org</a> </body> </html>