openvpn/ssl__verify__mbedtls_8h_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single TCP/UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>

 *  Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, see <https://www.gnu.org/licenses/>.

 */


#ifndef SSL_VERIFY_MBEDTLS_H_

#define SSL_VERIFY_MBEDTLS_H_


#include "syshead.h"

#include <mbedtls/x509_crt.h>


#ifndef __OPENVPN_X509_CERT_T_DECLARED

#define __OPENVPN_X509_CERT_T_DECLARED

typedef mbedtls_x509_crt openvpn_x509_cert_t;

#endif


int verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, uint32_t *flags);


#endif /* SSL_VERIFY_MBEDTLS_H_ */

verify_callback
int verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, uint32_t *flags)
Verify that the remote OpenVPN peer's certificate allows setting up a VPN tunnel.

openvpn_x509_cert_t
mbedtls_x509_crt openvpn_x509_cert_t
Definition ssl_verify_mbedtls.h:37

syshead.h