Provided by: libglobus-gsi-callback-doc_6.2-1build1_all bug

NAME

       globus_gsi_callback_functions - Callback Functions

        - Callback Functions.

SYNOPSIS

   Functions
       globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int *index)
           Get callback data index from X509_STORE.
       globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int *index)
           Get callback data index from SSL structure.
       int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX *context, void *arg)
           Certificate verify wrapper.
       int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX
           *x509_context)
           Independent path validation callback.
       int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX
           *x509_context)
           SSL path validation callback.
       int globus_gsi_callback_check_issued (X509_STORE_CTX *context, X509 *cert, X509 *issuer)
           OpenSSL X509_check_issued() wrapper.

Detailed Description

       Callback Functions.

       Functions that plug into various plug points in the OpenSSL path validation mechanism.
       These functions add CRL checking, X509 Extension handling and proxy validation.

Function Documentation

   int globus_gsi_callback_check_issued (X509_STORE_CTX * context, X509 * cert, X509 * issuer)
       OpenSSL X509_check_issued() wrapper. This function wraps the OpenSSL X509_check_issued()
       call and catches the error caused by the fact that a proxy certificate issuer may not have
       to have the correct KeyUsage fields set.

       Parameters
           context The validation state object.
           cert The certificate to check
           issuer The issuer certificate to check

       Returns
           1 on success 0 on failure

   int globus_gsi_callback_create_proxy_callback (int preverify_ok, X509_STORE_CTX *
       x509_context)
       Independent path validation callback. This function provides a path validation callback
       for validation outside of a SSL session. It should be used in
       X509_STORE_set_verify_cb_func().

       Parameters
           preverify_ok Communicates the result of default validation steps performed by OpenSSL

           x509_context The validation state object

       Returns
           1 on success 0 on failure

   globus_result_t globus_gsi_callback_get_SSL_callback_data_index (int * index)
       Get callback data index from SSL structure. Retrieve or create the index for our callback
       data structure in the SSL structure.

       Parameters
           index Will contain the index upon return

       Returns
           GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is
           returned

   globus_result_t globus_gsi_callback_get_X509_STORE_callback_data_index (int * index)
       Get callback data index from X509_STORE. Retrieve or create the index for our callback
       data structure in the X509_STORE.

       Parameters
           index Will contain the index upon return

       Returns
           GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is
           returned

   int globus_gsi_callback_handshake_callback (int preverify_ok, X509_STORE_CTX * x509_context)
       SSL path validation callback. This function provides a path validation callback for the
       validation part of establishing a SSL session. It handles proxy certificates, X509
       Extensions and CRL checking. It should be used in SSL_CTX_set_verify().

       Parameters
           preverify_ok Communicates the result of default validation steps performed by OpenSSL

           x509_context The validation state object.

       Returns
           1 on success 0 on failure

   int globus_gsi_callback_X509_verify_cert (X509_STORE_CTX * context, void * arg)
       Certificate verify wrapper. This function wraps the OpenSSL certificate verification
       callback for the purpose of a replacing the standard issuer check with one that deals with
       proxy certificates. Should be used with SSL_CTX_set_cert_verify_callback()

       Parameters
           context The X509_STORE_CTX for which to register the callback.
           arg Arguments to the callback. Currently ignored.

       Returns
           1 on success 0 on failure

Author

       Generated automatically by Doxygen for globus_gsi_callback from the source code.