X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_cb.c;h=ed877af1220e9d4da16e45987c8339d54187f8bb;hb=a46c705214004358c8e7b1b5c3eb1c45615d3b21;hp=411a4f671ac7c1c52f8cbcbf1bee4c4780427f78;hpb=5b430cfc441e7e442199ccfaefb99af2b13dc44e;p=oweals%2Fopenssl.git diff --git a/apps/s_cb.c b/apps/s_cb.c index 411a4f671a..ed877af122 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -259,6 +259,7 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, STACK_OF(X509) *chain, int build_chain) { + int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0; if (cert == NULL) return 1; if (SSL_CTX_use_certificate(ctx,cert) <= 0) @@ -288,7 +289,7 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, ERR_print_errors(bio_err); return 0; } - if (!chain && build_chain && !SSL_CTX_build_cert_chain(ctx, 0)) + if (build_chain && !SSL_CTX_build_cert_chain(ctx, chflags)) { BIO_printf(bio_err,"error building certificate chain\n"); ERR_print_errors(bio_err); @@ -1021,6 +1022,10 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, break; #endif + case TLSEXT_TYPE_padding: + extname = "TLS padding"; + break; + default: extname = "unknown"; break; @@ -1264,6 +1269,16 @@ static int set_cert_cb(SSL *ssl, void *arg) { int i, rv; SSL_EXCERT *exc = arg; +#ifdef CERT_CB_TEST_RETRY + static int retry_cnt; + if (retry_cnt < 5) + { + retry_cnt++; + fprintf(stderr, "Certificate callback retry test: count %d\n", + retry_cnt); + return -1; + } +#endif SSL_certs_clear(ssl); if (!exc) @@ -1677,6 +1692,12 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, } } #endif + if (!SSL_CONF_CTX_finish(cctx)) + { + BIO_puts(err, "Error finishing context\n"); + ERR_print_errors(err); + return 0; + } return 1; } @@ -1724,7 +1745,6 @@ int ssl_load_stores(SSL_CTX *ctx, ch = X509_STORE_new(); if (!X509_STORE_load_locations(ch, chCAfile, chCApath)) goto err; - /*X509_STORE_set_verify_cb(ch, verify_callback);*/ SSL_CTX_set1_chain_cert_store(ctx, ch); } rv = 1;