From 8caaa5d4de649fb4408f76f5b2b1767ca5a874a6 Mon Sep 17 00:00:00 2001
From: Marcel Poul <marcel.poul@cern.ch>
Date: Tue, 13 Dec 2011 11:18:03 +0000
Subject: [PATCH] call VOMS callback routines

---
 emi.canl.canl-c/src/canl_locl.h | 2 +-
 emi.canl.canl-c/src/canl_ssl.c  | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/emi.canl.canl-c/src/canl_locl.h b/emi.canl.canl-c/src/canl_locl.h
index ce36fbe..9011a7a 100644
--- a/emi.canl.canl-c/src/canl_locl.h
+++ b/emi.canl.canl-c/src/canl_locl.h
@@ -26,7 +26,7 @@
 #include <sys/socket.h>
 #include <string.h>
 
-
+#include "sslutils.h"
 
 
 #include "canl.h"
diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 2e7a337..fb17a2e 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -45,9 +45,9 @@ int ssl_server_init(glb_ctx *cc)
     //SSL_CTX_set_purpose(cc->ssl_ctx, X509_PURPOSE_ANY);
     //SSL_CTX_set_mode(cc->ssl_ctx, SSL_MODE_AUTO_RETRY);
     // TODO proxy_verify_callback, verify_none only for testing !!!!!!!
-    SSL_CTX_set_verify(cc->ssl_ctx, SSL_VERIFY_NONE, NULL);
+    SSL_CTX_set_verify(cc->ssl_ctx, SSL_VERIFY_NONE, proxy_verify_callback);
     //SSL_CTX_set_verify_depth(ctx, 100);
-    //SSL_CTX_set_cert_verify_callback(ctx, proxy_app_verify_callback, 0);
+    SSL_CTX_set_cert_verify_callback(cc->ssl_ctx, proxy_app_verify_callback, 0);
     if (cc->cert_key) {
         if (cc->cert_key->cert) {
             err = SSL_CTX_use_certificate(cc->ssl_ctx, cc->cert_key->cert);
@@ -137,7 +137,7 @@ int ssl_client_init(glb_ctx *cc, io_handler *io)
 
     //SSL_CTX_set_options(cc->ssl_ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS | SSL_OP_NO_SSLv2);
     //TODO testing 
-    SSL_CTX_set_verify(cc->ssl_ctx, SSL_VERIFY_NONE, NULL);
+    SSL_CTX_set_verify(cc->ssl_ctx, SSL_VERIFY_NONE, proxy_verify_callback);
     //SSL_CTX_set_verify_depth(ctx, 100);
     //SSL_CTX_load_verify_locations(ctx, NULL, cacertdir);
     //SSL_CTX_set_purpose(cc->ssl_ctx, X509_PURPOSE_ANY);
-- 
1.8.2.3