[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Dr. Stephen Henson
steve at openssl.org
Wed Mar 18 12:32:18 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via 8b84495380098592ef7bb2fa9209ccb87803bf1d (commit)
from c1559f5046092b542f8033bb8eec8bd88ce0d8f2 (commit)
- Log -----------------------------------------------------------------
commit 8b84495380098592ef7bb2fa9209ccb87803bf1d
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Mar 17 15:55:11 2015 +0000
Add support for ServerInfo SSL_CONF option.
Add support for ServerInfo SSL_CONF option and update documentation. This
was wrongly omitted from the 1.0.2 release.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
doc/ssl/SSL_CONF_cmd.pod | 5 +++++
ssl/ssl_conf.c | 13 +++++++++++++
2 files changed, 18 insertions(+)
diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod
index 6d073cb..2bf1a60 100644
--- a/doc/ssl/SSL_CONF_cmd.pod
+++ b/doc/ssl/SSL_CONF_cmd.pod
@@ -195,6 +195,11 @@ context. This option is only supported if certificate operations
are permitted. Note: if no B<-key> option is set then a private key is
not loaded: it does not currently use the B<Certificate> file.
+=item B<ServerInfoFile>
+
+Attempts to use the file B<value> in the "serverinfo" extension using the
+function SSL_CTX_use_serverinfo_file.
+
=item B<DHParameters>
Attempts to use the file B<value> as the set of temporary DH parameters for
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index d950242..5478840 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -386,6 +386,18 @@ static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value)
return rv > 0;
}
+static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value)
+{
+ int rv = 1;
+ if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
+ return -2;
+ if (!(cctx->flags & SSL_CONF_FLAG_SERVER))
+ return -2;
+ if (cctx->ctx)
+ rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value);
+ return rv > 0;
+}
+
#ifndef OPENSSL_NO_DH
static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value)
{
@@ -444,6 +456,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
SSL_CONF_CMD_STRING(Options, NULL),
SSL_CONF_CMD(Certificate, "cert", SSL_CONF_TYPE_FILE),
SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_TYPE_FILE),
+ SSL_CONF_CMD(ServerInfoFile, NULL, SSL_CONF_TYPE_FILE),
#ifndef OPENSSL_NO_DH
SSL_CONF_CMD(DHParameters, "dhparam", SSL_CONF_TYPE_FILE)
#endif
More information about the openssl-commits
mailing list