<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>In my verify callback (for 1.0.2, mind you), I use
X509_STORE_CTX_get_app_data(ctx) to get the SSL* pointer.
X509_STORE_CTX_get_app_data(ctx) is a macro in OpenSSL's
"x509_vfy.h" header file that maps to <span class="pl-c1">X509_STORE_CTX_get_ex_data</span>(ctx,<span
class="pl-c1">0</span>) (why doesn't it use
SSL_get_ex_data_X509_STORE_CTX_idx() instead of 0?).</p>
<p><br>
</p>
<pre class="moz-signature" cols="72">Remy Lebeau
Lebeau Software</pre>
<div class="moz-cite-prefix">On 8/5/2019 7:40 AM, Matt Caswell
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:c89154d0-8073-2d90-9d13-9ba741b20d82@openssl.org">
<pre class="moz-quote-pre" wrap="">From within your callback you can do this to get hold of the SSL object:
SSL *s = (SSL *)X509_STORE_CTX_get_ex_data(ctx,
SSL_get_ex_data_X509_STORE_CTX_idx());
And then this to get hold of the hostname requested:
const char *hostname = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
</pre>
</blockquote>
</body>
</html>