I'm trying to implement TLS client-side session caching, but I'm running into problems with the OpenSSL callback API. It seems most callbacks don't pass an application context, which makes using them awkward (at least in my application that doesn't have global variables). SSL_CTX_set_cert_verify_callback(3) allows passing an application context:

    void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
            int (*callback)(X509_STORE_CTX *, void *), void *arg);

However, functions like:

    void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
            int (*new_session_cb)(SSL *, SSL_SESSION *));
    void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
            void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
    void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
            int (*verify_callback)(int, X509_STORE_CTX *));

don't offer this. It seems the official way to use an application context is via:

    int SSL_get_ex_new_index(long argl, void *argp,
            CRYPTO_EX_new *new_func,
            CRYPTO_EX_dup *dup_func,
            CRYPTO_EX_free *free_func);
    int SSL_set_ex_data(SSL *ssl, int idx, void *arg);
    void *SSL_get_ex_data(const SSL *ssl, int idx);

However, that still requires a global variable (for idx) as the example for SSL_CTX_set_verify(3) shows. Is there some other API (or some "trick") that does not rely on a global variable?