Add async certificate verification callback. This also serves as a certificate verification callback for CRYPTO_BUFFER-based consumers. Remove the silly SSL_CTX_i_promise_to_verify_certs_after_the_handshake placeholder. Bug: 54, chromium:347402 Change-Id: I4c6b445cb9cd7204218acb2e5d1625e6f37aff6f Reviewed-on: https://boringssl-review.googlesource.com/17964 Reviewed-by: David Benjamin <davidben@google.com>

commit: 3a1dd46e4e902ce669616a9bb5f54a9e7c801df6 [log] [tgz]
author: David Benjamin <davidben@google.com> Tue Jul 11 16:13:10 2017 -0400
committer: David Benjamin <davidben@google.com> Mon Jul 17 20:55:23 2017 +0000
tree: 832ab83303faf744df8acdae397107fbcf9b9206
parent: 7e9e06a7393298c65a2a33e0cb3d13e957c06e4a [diff] [blame]
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 2c648ac..640718a 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc

@@ -3276,7 +3276,11 @@
   ASSERT_TRUE(SSL_CTX_set_chain_and_key(server_ctx.get(), &chain[0],
                                         chain.size(), key.get(), nullptr));
 
-  SSL_CTX_i_promise_to_verify_certs_after_the_handshake(client_ctx.get());
+  SSL_CTX_set_custom_verify(
+      client_ctx.get(), SSL_VERIFY_PEER,
+      [](SSL *ssl, uint8_t *out_alert) -> ssl_verify_result_t {
+        return ssl_verify_ok;
+      });
 
   bssl::UniquePtr<SSL> client, server;
   ASSERT_TRUE(ConnectClientAndServer(&client, &server, client_ctx.get(),
commit	3a1dd46e4e902ce669616a9bb5f54a9e7c801df6	[log] [tgz]
author	David Benjamin <davidben@google.com>	Tue Jul 11 16:13:10 2017 -0400
committer	David Benjamin <davidben@google.com>	Mon Jul 17 20:55:23 2017 +0000
tree	832ab83303faf744df8acdae397107fbcf9b9206
parent	7e9e06a7393298c65a2a33e0cb3d13e957c06e4a [diff] [blame]