> (why doesn't it use SSL_get_ex_data_X509_STORE_CTX_idx() instead of 0?).
History; OpenSSL reserved some exdata indices for itself.
In my verify callback (for 1.0.2, mind you), I use
X509_STORE_CTX_get_app_data(ctx) to get the SSL* pointer.
X509_STORE_CTX_get_app_data(ctx) is a macro in OpenSSL's "x509_vfy.h"
header file that maps to X509_STORE_CTX_get_ex_data(ctx,0) (why doesn't
it use SSL_get_ex_data_X509_STORE_CTX_idx()
On 02/08/2019 18:24, Neptune wrote:
> I am in the process of migrating our code from the 1.0.2 library to 1.1 and
> have run across a situation that I am struggling to reconcile:
>
> The existing code utilizes the verify_callback() function in order to
> perform validation measures against a
I am in the process of migrating our code from the 1.0.2 library to 1.1 and
have run across a situation that I am struggling to reconcile:
The existing code utilizes the verify_callback() function in order to
perform validation measures against a peer certificate. This callback
performs