Add support for certificate stores in CERT structure. This makes it
possible to have different stores per SSL structure or one store in the parent SSL_CTX. Include distint stores for certificate chain verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN to build and store a certificate chain in CERT structure: returing an error if the chain cannot be built: this will allow applications to test if a chain is correctly configured. Note: if the CERT based stores are not set then the parent SSL_CTX store is used to retain compatibility with existing behaviour. (backport from HEAD)
This commit is contained in:
Dr. Stephen Henson
@@ -195,6 +195,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
|
||||
{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "ssl_add_serverhello_tlsext"},
|
||||
{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT), "ssl_add_serverhello_use_srtp_ext"},
|
||||
{ERR_FUNC(SSL_F_SSL_BAD_METHOD), "ssl_bad_method"},
|
||||
{ERR_FUNC(SSL_F_SSL_BUILD_CERT_CHAIN), "ssl_build_cert_chain"},
|
||||
{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "ssl_bytes_to_cipher_list"},
|
||||
{ERR_FUNC(SSL_F_SSL_CERT_DUP), "ssl_cert_dup"},
|
||||
{ERR_FUNC(SSL_F_SSL_CERT_INST), "ssl_cert_inst"},
|
||||
|
||||
Reference in New Issue
Block a user