OpenBSD manual page server

Manual Page Search Parameters

X509_STORE_SET_VERIFY_CB_FUNC(3) Library Functions Manual X509_STORE_SET_VERIFY_CB_FUNC(3)

X509_STORE_set_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_funcset verification callback

#include <openssl/x509_vfy.h>

void
X509_STORE_set_verify_cb(X509_STORE *st, int (*verify_cb)(int ok, X509_STORE_CTX *ctx));

void
X509_STORE_set_verify_cb_func(X509_STORE *st, int (*verify_cb)(int ok, X509_STORE_CTX *ctx));

void
X509_STORE_set_verify_func(X509_STORE *st, int (*verify_func)(X509_STORE_CTX *ctx));

() sets the verification callback of to , overwriting any existing callback.

() also sets the verification callback but it is implemented as a macro.

The verification callback from an X509_STORE is inherited by the corresponding X509_STORE_CTX structure when it is initialized. This can be used to set the verification callback when the X509_STORE_CTX is otherwise inaccessible (for example during S/MIME verification).

() sets the final chain verification function for st to verify_func. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate's first and last validity time. The final chain verification function must return 0 on failure and 1 on success. If X509_STORE_set_verify_func() is not called or called with verify_func set to a NULL pointer, the built-in default function is used.

X509_STORE_CTX_set_verify_cb(3), X509_STORE_new(3)

X509_STORE_set_verify_cb_func() and X509_STORE_set_verify_func() first appeared in SSLeay 0.8.0 and have been available since OpenBSD 2.4.

X509_STORE_set_verify_cb() first appeared in OpenSSL 1.0.0 and has been available since OpenBSD 4.9.

July 29, 2021 OpenBSD-7.0