mirror of
https://repo.or.cz/socat.git
synced 2024-12-22 15:32:35 +00:00
Red Hat issue 1019964: socat now uses the system certificate store
This commit is contained in:
parent
9e863458c6
commit
d4c44ff649
4 changed files with 12 additions and 1 deletions
3
CHANGES
3
CHANGES
|
@ -29,6 +29,9 @@ security:
|
|||
the openssl-commonname option when it is used.
|
||||
Test: OPENSSL_CN_SERVER_SECURITY
|
||||
|
||||
Red Hat issue 1019964: socat now uses the system certificate store with
|
||||
OPENSSL when neither options cafile nor capath are used
|
||||
|
||||
new features:
|
||||
OpenSSL addresses set couple of environment variables from values in
|
||||
peer certificate, e.g.:
|
||||
|
|
|
@ -400,6 +400,9 @@
|
|||
/* Define if you have the SSLv2_server_method function. not in new openssl */
|
||||
#undef HAVE_SSLv2_server_method
|
||||
|
||||
/* Define if you have the HAVE_SSL_CTX_set_default_verify_paths function */
|
||||
#undef HAVE_SSL_CTX_set_default_verify_paths
|
||||
|
||||
/* Define if you have the flock function */
|
||||
#undef HAVE_FLOCK
|
||||
|
||||
|
|
|
@ -1336,7 +1336,8 @@ AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV))
|
|||
dnl Search for SSLv2_client_method, SSLv2_server_method
|
||||
AC_CHECK_FUNC(SSLv3_client_method, AC_DEFINE(HAVE_SSLv3_client_method), AC_CHECK_LIB(crypt, SSLv3_client_method, [LIBS=-lcrypt $LIBS]))
|
||||
AC_CHECK_FUNC(SSLv2_server_method, AC_DEFINE(HAVE_SSLv2_server_method), AC_CHECK_LIB(crypt, SSLv2_server_method, [LIBS=-lcrypt $LIBS]))
|
||||
|
||||
dnl
|
||||
AC_CHECK_FUNC(SSL_CTX_set_default_verify_paths, AC_DEFINE(HAVE_SSL_CTX_set_default_verify_paths))
|
||||
|
||||
dnl Run time checks
|
||||
|
||||
|
|
|
@ -921,6 +921,10 @@ int
|
|||
return STAT_RETRYLATER;
|
||||
}
|
||||
}
|
||||
#ifdef HAVE_SSL_CTX_set_default_verify_paths
|
||||
} else {
|
||||
SSL_CTX_set_default_verify_paths(*ctx);
|
||||
#endif
|
||||
}
|
||||
|
||||
if (opt_cert) {
|
||||
|
|
Loading…
Reference in a new issue