diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-03-17 15:55:11 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-03-18 12:31:06 +0000 |
commit | 8b84495380098592ef7bb2fa9209ccb87803bf1d (patch) | |
tree | 090c21680e25a9ef0444e0c47197066d9ff7745a | |
parent | c1559f5046092b542f8033bb8eec8bd88ce0d8f2 (diff) |
Add support for ServerInfo SSL_CONF option.
Add support for ServerInfo SSL_CONF option and update documentation. This
was wrongly omitted from the 1.0.2 release.
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | doc/ssl/SSL_CONF_cmd.pod | 5 | ||||
-rw-r--r-- | ssl/ssl_conf.c | 13 |
2 files changed, 18 insertions, 0 deletions
diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod index 6d073cb9fc..2bf1a60e90 100644 --- a/doc/ssl/SSL_CONF_cmd.pod +++ b/doc/ssl/SSL_CONF_cmd.pod @@ -195,6 +195,11 @@ context. This option is only supported if certificate operations are permitted. Note: if no B<-key> option is set then a private key is not loaded: it does not currently use the B<Certificate> file. +=item B<ServerInfoFile> + +Attempts to use the file B<value> in the "serverinfo" extension using the +function SSL_CTX_use_serverinfo_file. + =item B<DHParameters> Attempts to use the file B<value> as the set of temporary DH parameters for diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index d950242f0b..5478840dea 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -386,6 +386,18 @@ static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value) return rv > 0; } +static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value) +{ + int rv = 1; + if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE)) + return -2; + if (!(cctx->flags & SSL_CONF_FLAG_SERVER)) + return -2; + if (cctx->ctx) + rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value); + return rv > 0; +} + #ifndef OPENSSL_NO_DH static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value) { @@ -444,6 +456,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { SSL_CONF_CMD_STRING(Options, NULL), SSL_CONF_CMD(Certificate, "cert", SSL_CONF_TYPE_FILE), SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_TYPE_FILE), + SSL_CONF_CMD(ServerInfoFile, NULL, SSL_CONF_TYPE_FILE), #ifndef OPENSSL_NO_DH SSL_CONF_CMD(DHParameters, "dhparam", SSL_CONF_TYPE_FILE) #endif |