Added configurable SSL certificate verification depth and updated the documentation in the code.

server/include/service.h

@@ -125,6 +125,8 @@ enum{
   SERVICE_SSL_TLS_MAX
 };
 
+#define DEFAULT_SSL_CERT_VERIFY_DEPTH 100 /*< The default certificate verification depth */
+
 /**
  * Defines a service within the gateway.
  *
@@ -173,14 +175,14 @@ typedef struct service {
 	char		*weightby;
 	struct service	*next;			/**< The next service in the linked list */
         SSL_CTX         *ctx;
-        SSL            *ssl;
         SSL_METHOD      *method;                           /*<  SSLv2/3 or TLSv1/2 methods
                                                            * see: https://www.openssl.org/docs/ssl/SSL_CTX_new.html */
+        int ssl_cert_verify_depth; /*< SSL certificate verification depth */
         int ssl_method_type; /*< Which of the SSLv2/3 or TLS1.0/1.1/1.2 methods to use */
-        char* ssl_cert;
-        char* ssl_key;
-        char* ssl_ca_cert;
-        bool ssl_init_done;
+        char* ssl_cert; /*< SSL certificate */
+        char* ssl_key; /*< SSL private key */
+        char* ssl_ca_cert; /*< SSL CA certificate */
+        bool ssl_init_done; /*< If SSL has already been initialized for this service */
 
 } SERVICE;
 
@@ -212,6 +214,7 @@ extern	void	serviceSetFilters(SERVICE *, char *);
 extern  int     serviceSetSSL(SERVICE *service, char* action);
 extern  int     serviceInitSSL(SERVICE* service);
 extern  int     serviceSetSSLVersion(SERVICE *service, char* version);
+extern  int     serviceSetSSLVerifyDepth(SERVICE* service, int depth);
 extern  void    serviceSetCertificates(SERVICE *service, char* cert,char* key, char* ca_cert);
 extern	int	serviceEnableRootUser(SERVICE *, int );
 extern	int	serviceSetTimeout(SERVICE *, int );