diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-12-06 18:43:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-01-18 15:38:13 +0000 |
commit | 57912ed329f870b237f2fd9f2de8dec3477d1729 (patch) | |
tree | 9f38f8edce44b775fc043c25d5fe9d96a5c53cb3 /apps/s_client.c | |
parent | e998f8aeb83885275aefbba59c811e48308b2771 (diff) |
Add code to download CRLs based on CRLDP extension.
Just a sample, real world applications would have to be cleverer.
Diffstat (limited to 'apps/s_client.c')
-rw-r--r-- | apps/s_client.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index edd06fc02b..8fe2c56f2a 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -638,6 +638,7 @@ static char *jpake_secret = NULL; char *crl_file = NULL; int crl_format = FORMAT_PEM; + int crl_download = 0; STACK_OF(X509_CRL) *crls = NULL; meth=SSLv23_client_method(); @@ -714,6 +715,8 @@ static char *jpake_secret = NULL; if (--argc < 1) goto bad; crl_file= *(++argv); } + else if (strcmp(*argv,"-crl_download") == 0) + crl_download = 1; else if (strcmp(*argv,"-sess_out") == 0) { if (--argc < 1) goto bad; @@ -1193,7 +1196,8 @@ bad: goto end; } - if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile, crls)) + if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile, + crls, crl_download)) { BIO_printf(bio_err, "Error loading store locations\n"); ERR_print_errors(bio_err); @@ -1255,7 +1259,7 @@ bad: /* goto end; */ } - ssl_ctx_add_crls(ctx, crls); + ssl_ctx_add_crls(ctx, crls, crl_download); if (!set_cert_key_stuff(ctx,cert,key,chain,build_chain)) goto end; |