mirror of
https://repo.or.cz/socat.git
synced 2024-12-22 23:42:34 +00:00
Red Hat issue 1019964: socat now uses the system certificate store
This commit is contained in:
parent
9e863458c6
commit
d4c44ff649
4 changed files with 12 additions and 1 deletions
3
CHANGES
3
CHANGES
|
@ -29,6 +29,9 @@ security:
|
||||||
the openssl-commonname option when it is used.
|
the openssl-commonname option when it is used.
|
||||||
Test: OPENSSL_CN_SERVER_SECURITY
|
Test: OPENSSL_CN_SERVER_SECURITY
|
||||||
|
|
||||||
|
Red Hat issue 1019964: socat now uses the system certificate store with
|
||||||
|
OPENSSL when neither options cafile nor capath are used
|
||||||
|
|
||||||
new features:
|
new features:
|
||||||
OpenSSL addresses set couple of environment variables from values in
|
OpenSSL addresses set couple of environment variables from values in
|
||||||
peer certificate, e.g.:
|
peer certificate, e.g.:
|
||||||
|
|
|
@ -400,6 +400,9 @@
|
||||||
/* Define if you have the SSLv2_server_method function. not in new openssl */
|
/* Define if you have the SSLv2_server_method function. not in new openssl */
|
||||||
#undef HAVE_SSLv2_server_method
|
#undef HAVE_SSLv2_server_method
|
||||||
|
|
||||||
|
/* Define if you have the HAVE_SSL_CTX_set_default_verify_paths function */
|
||||||
|
#undef HAVE_SSL_CTX_set_default_verify_paths
|
||||||
|
|
||||||
/* Define if you have the flock function */
|
/* Define if you have the flock function */
|
||||||
#undef HAVE_FLOCK
|
#undef HAVE_FLOCK
|
||||||
|
|
||||||
|
|
|
@ -1336,7 +1336,8 @@ AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV))
|
||||||
dnl Search for SSLv2_client_method, SSLv2_server_method
|
dnl Search for SSLv2_client_method, SSLv2_server_method
|
||||||
AC_CHECK_FUNC(SSLv3_client_method, AC_DEFINE(HAVE_SSLv3_client_method), AC_CHECK_LIB(crypt, SSLv3_client_method, [LIBS=-lcrypt $LIBS]))
|
AC_CHECK_FUNC(SSLv3_client_method, AC_DEFINE(HAVE_SSLv3_client_method), AC_CHECK_LIB(crypt, SSLv3_client_method, [LIBS=-lcrypt $LIBS]))
|
||||||
AC_CHECK_FUNC(SSLv2_server_method, AC_DEFINE(HAVE_SSLv2_server_method), AC_CHECK_LIB(crypt, SSLv2_server_method, [LIBS=-lcrypt $LIBS]))
|
AC_CHECK_FUNC(SSLv2_server_method, AC_DEFINE(HAVE_SSLv2_server_method), AC_CHECK_LIB(crypt, SSLv2_server_method, [LIBS=-lcrypt $LIBS]))
|
||||||
|
dnl
|
||||||
|
AC_CHECK_FUNC(SSL_CTX_set_default_verify_paths, AC_DEFINE(HAVE_SSL_CTX_set_default_verify_paths))
|
||||||
|
|
||||||
dnl Run time checks
|
dnl Run time checks
|
||||||
|
|
||||||
|
|
|
@ -921,6 +921,10 @@ int
|
||||||
return STAT_RETRYLATER;
|
return STAT_RETRYLATER;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#ifdef HAVE_SSL_CTX_set_default_verify_paths
|
||||||
|
} else {
|
||||||
|
SSL_CTX_set_default_verify_paths(*ctx);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (opt_cert) {
|
if (opt_cert) {
|
||||||
|
|
Loading…
Reference in a new issue