Add async certificate verification callback. This also serves as a certificate verification callback for CRYPTO_BUFFER-based consumers. Remove the silly SSL_CTX_i_promise_to_verify_certs_after_the_handshake placeholder. Bug: 54, chromium:347402 Change-Id: I4c6b445cb9cd7204218acb2e5d1625e6f37aff6f Reviewed-on: https://boringssl-review.googlesource.com/17964 Reviewed-by: David Benjamin <davidben@google.com>

commit: 3a1dd46e4e902ce669616a9bb5f54a9e7c801df6 [log] [tgz]
author: David Benjamin <davidben@google.com> Tue Jul 11 16:13:10 2017 -0400
committer: David Benjamin <davidben@google.com> Mon Jul 17 20:55:23 2017 +0000
tree: 832ab83303faf744df8acdae397107fbcf9b9206
parent: 7e9e06a7393298c65a2a33e0cb3d13e957c06e4a [diff] [blame]
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 2b241ba..39cd07b 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h

@@ -334,6 +334,7 @@
 /* server */
 /* extra state */
 #define SSL3_ST_SW_FLUSH (0x100 | SSL_ST_ACCEPT)
+#define SSL3_ST_VERIFY_CLIENT_CERT (0x101 | SSL_ST_ACCEPT)
 /* read from client */
 #define SSL3_ST_SR_CLNT_HELLO_A (0x110 | SSL_ST_ACCEPT)
 #define SSL3_ST_SR_CLNT_HELLO_B (0x111 | SSL_ST_ACCEPT)
commit	3a1dd46e4e902ce669616a9bb5f54a9e7c801df6	[log] [tgz]
author	David Benjamin <davidben@google.com>	Tue Jul 11 16:13:10 2017 -0400
committer	David Benjamin <davidben@google.com>	Mon Jul 17 20:55:23 2017 +0000
tree	832ab83303faf744df8acdae397107fbcf9b9206
parent	7e9e06a7393298c65a2a33e0cb3d13e957c06e4a [diff] [blame]