Commit c13d4799, author: Ben Laurie

Send the right CAs to the client.

Parent bc4deee0
...@@ -5,6 +5,9 @@ ...@@ -5,6 +5,9 @@
Changes between 0.9.1c and 0.9.2 Changes between 0.9.1c and 0.9.2
*) s_server should send the CAfile as acceptable CAs, not its own cert.
[Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
*) Don't blow it for numeric -newkey arguments to apps/req. *) Don't blow it for numeric -newkey arguments to apps/req.
[Bodo Moeller <3moeller@informatik.uni-hamburg.de>] [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
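Review bot: the new CHANGES entry documents only the acceptable-CA fix, while the same commit also changes the 'R' renegotiation test in s_server from `buf[1] == '\0'` to `buf[1] == '\n'`. That second behaviour change deserves its own entry here, or its own commit, so that anyone reading the changelog can find out when the renegotiation trigger changed.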
......
...@@ -505,7 +505,7 @@ bad: ...@@ -505,7 +505,7 @@ bad:
SSL_CTX_set_cipher_list(ctx,cipher); SSL_CTX_set_cipher_list(ctx,cipher);
SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file)); SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
BIO_printf(bio_s_out,"ACCEPT\n"); BIO_printf(bio_s_out,"ACCEPT\n");
if (www) if (www)
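Review bot: the result of `SSL_load_client_CA_file(CAfile)` is passed straight to `SSL_CTX_set_client_CA_list()` with no check, and that function returns NULL when the file cannot be read or parsed. With the old argument the file was the server's own certificate, which had already been loaded; with `CAfile` the call now depends on an option the visible lines do not show to be set. Suggest making the call only when `CAfile` is non-NULL and printing an error to bio_err when the load fails, so a server that requests client certificates does not silently advertise an empty list of acceptable CAs.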
...@@ -645,7 +645,7 @@ int s; ...@@ -645,7 +645,7 @@ int s;
/* strcpy(buf,"server side RE-NEGOTIATE\n"); */ /* strcpy(buf,"server side RE-NEGOTIATE\n"); */
} }
if ((buf[0] == 'R') && if ((buf[0] == 'R') &&
((buf[1] == '\0') || (buf[1] == '\r'))) ((buf[1] == '\n') || (buf[1] == '\r')))
{ {
SSL_set_verify(con, SSL_set_verify(con,
SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
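Review bot: in the second 'R' test, replacing `'\0'` with `'\n'` removes the terminator case instead of adding the newline case, so an input of a lone "R" with nothing after it no longer matches. The condition also reads `buf[1]` without these lines showing that at least two bytes were read, so it may be comparing leftover data from an earlier read. Suggest testing against the byte count returned by the read and accepting `'\n'` and `'\r'` in addition to end of input, and checking whether the neighbouring 'r' branch above needs the same change.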
......