Unfortunately luaossl doesn't support this feature at the moment. This pull request contains my proposal of this feature. I extended the openssl.context:setVerify. Now you can pass an optional third argument with a custom verify callback written in LUA. I also added X509_STCTX_CLASS with methods getCurrentCert (X509_STORE_CTX_get_current_cert) and getCert (X509_STORE_CTX_get0_cert). Both methods return openssl.x509 object.
Example:
...
local function verifyCallback(preverify, x509Ctx)
local cert = x509Ctx:getCert()
print(cert:getSubject())
return preverify
end
...
ctx:setVerify(yourFlags, nil, verifyCallback)
...
I need some additional certificate checking during verification. Vanilla OpenSSL library provides support for custom verify callback as described here https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_verify.html
Unfortunately luaossl doesn't support this feature at the moment. This pull request contains my proposal of this feature. I extended the openssl.context:setVerify. Now you can pass an optional third argument with a custom verify callback written in LUA. I also added X509_STCTX_CLASS with methods getCurrentCert (X509_STORE_CTX_get_current_cert) and getCert (X509_STORE_CTX_get0_cert). Both methods return openssl.x509 object.
Example: