Google Git
Sign in
boringssl / boringssl.git / 2056f63bdb42338e0cf3ba01c3f9f77ac1c1420e^! / . / include / openssl / ssl.h
commit2056f63bdb42338e0cf3ba01c3f9f77ac1c1420e[log] [tgz]
authorDavid Benjamin <davidben@google.com>Sun Feb 05 16:15:43 2017 -0500
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Mon Feb 06 17:17:32 2017 +0000
tree6b201e65b09559b8baeddab6e21fbaa8dee70b6f
parentb2ff2623a88a65fd4db42d3820f3d8c64e8ab180 [diff] [blame]
Recommend ex_data for SSL_CTX_set_cert_verify_callback.

Using the arg parameter does not work well. This is purely an
SSL_CTX-level callback, not an SSL-level one.

Change-Id: Ib968807efbe7dd08e71cea1c4d8034a52c729d45
Reviewed-on: https://boringssl-review.googlesource.com/13629
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 3bb5b78..49a6ee2 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -2239,9 +2239,8 @@
  * zero on fatal error. It may use |X509_STORE_CTX_set_error| to set a
  * verification result.
  *
- * The callback may use either the |arg| parameter or
- * |SSL_get_ex_data_X509_STORE_CTX_idx| to recover the associated |SSL|
- * object. */
+ * The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| to recover the
+ * |SSL| object from |store_ctx|. */
 OPENSSL_EXPORT void SSL_CTX_set_cert_verify_callback(
     SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *store_ctx, void *arg),
     void *arg);