LWS_OPENSSL_CLIENT_CERTS);
}
+ /*
+ * callback allowing user code to load extra verification certs
+ * helping the client to verify server identity
+ */
+
+ this->protocols[0].callback(this, wsi,
+ LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
+ this->ssl_client_ctx, NULL, 0);
+
+
if (this->use_ssl) {
/* openssl init for server sockets */
LWS_CALLBACK_BROADCAST,
LWS_CALLBACK_FILTER_NETWORK_CONNECTION,
LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION,
+ LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
/* external poll() management support */
LWS_CALLBACK_ADD_POLL_FD,
* content before deciding to allow the handshake to proceed or
* to kill the connection.
*
+ * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS: if configure for
+ * including OpenSSL support, this callback allows your user code
+ * to perform extra SSL_CTX_load_verify_locations() or similar
+ * calls to direct OpenSSL where to find certificates the client
+ * can use to confirm the remote server identity. @user is the
+ * OpenSSL SSL_CTX*
*
* The next four reasons are optional and only need taking care of if you
* will be integrating libwebsockets sockets into an external polling
to check for and read the supported header presence and
content before deciding to allow the handshake to proceed or
to kill the connection.
-<p>
+</blockquote>
+<h3>LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS</h3>
+<blockquote>
+if configure for
+including OpenSSL support, this callback allows your user code
+to perform extra <b>SSL_CTX_load_verify_locations</b> or similar
+calls to direct OpenSSL where to find certificates the client
+can use to confirm the remote server identity. <tt><b>user</b></tt> is the
+OpenSSL SSL_CTX*
<p>
The next four reasons are optional and only need taking care of if you
will be integrating libwebsockets sockets into an external polling