HCoop
/
hcoop
/
domtool2.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Better OpenSSL error reporting
[hcoop/domtool2.git]
/
openssl
/
openssl_sml.c
diff --git
a/openssl/openssl_sml.c
b/openssl/openssl_sml.c
index
ee57282
..
0ce16d2
100644
(file)
--- a/
openssl/openssl_sml.c
+++ b/
openssl/openssl_sml.c
@@
-24,6
+24,10
@@
int OpenSSL_SML_get_error() {
return ERR_get_error();
}
return ERR_get_error();
}
+int OpenSSL_SML_should_retry(BIO *b) {
+ return BIO_should_retry(b);
+}
+
const char *OpenSSL_SML_lib_error_string(int err) {
return ERR_lib_error_string(err);
}
const char *OpenSSL_SML_lib_error_string(int err) {
return ERR_lib_error_string(err);
}
@@
-69,6
+73,8
@@
SSL_CTX *OpenSSL_SML_CTX_new(SSL_METHOD *meth) {
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
0);
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
0);
+ SSL_CTX_set_verify_depth(ctx,
+ 2);
return ctx;
}
return ctx;
}
@@
-196,21
+202,16
@@
int OpenSSL_SML_use_certificate_chain_file(SSL_CTX *ctx, char *keyfile) {
keyfile);
}
keyfile);
}
-static unsigned char subject[] = "Subject";
-
const char *OpenSSL_SML_get_peer_name(SSL *ssl) {
X509 *x = SSL_get_peer_certificate(ssl);
const char *OpenSSL_SML_get_peer_name(SSL *ssl) {
X509 *x = SSL_get_peer_certificate(ssl);
- unsigned char *name = subject;
- X509_NAME *nm;
if (x) {
X509_NAME *name = X509_get_subject_name(x);
if (name) {
if (x) {
X509_NAME *name = X509_get_subject_name(x);
if (name) {
- unsigned char *out;
X509_NAME_ENTRY *ne;
X509_NAME_ENTRY *ne;
- ne = X509_NAME_get_entry(name,
3
);
+ ne = X509_NAME_get_entry(name,
0
);
if (ne) {
ASN1_STRING *s = X509_NAME_ENTRY_get_data(ne);
if (ne) {
ASN1_STRING *s = X509_NAME_ENTRY_get_data(ne);