Index: net/socket/ssl_client_socket_openssl.h |
diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h |
index 5f4800a08de3ee71114e706e43dfae353f0fb23a..916903eb3df0daf1433363b26b5fe289c0dde8c6 100644 |
--- a/net/socket/ssl_client_socket_openssl.h |
+++ b/net/socket/ssl_client_socket_openssl.h |
@@ -27,6 +27,8 @@ typedef struct evp_pkey_st EVP_PKEY; |
typedef struct ssl_st SSL; |
// <openssl/x509.h> |
typedef struct x509_st X509; |
+// <openssl/ossl_type.h> |
+typedef struct x509_store_ctx_st X509_STORE_CTX; |
namespace net { |
@@ -131,6 +133,11 @@ class SSLClientSocketOpenSSL : public SSLClientSocket { |
// Channel IDs. |
void ChannelIDRequestCallback(SSL* ssl, EVP_PKEY** pkey); |
+ // CertificateCallback is called to verify the server's certificates. We do |
+ // verification after the handshake so this function only enforces that the |
+ // certificates don't change during renegotiation. |
+ int CertificateCallback(X509_STORE_CTX *store_ctx); |
wtc
2014/02/27 22:12:07
Nit: rename this function "VerifyCertCallback".
agl
2014/02/27 22:31:23
Done.
|
+ |
// Callback from the SSL layer to check which NPN protocol we are supporting |
int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, |
const unsigned char* in, unsigned int inlen); |