Allow various X509_STORE_CTX properties to be

inherited from X509_STORE. Add CRL checking options to other applications.
author: Dr. Stephen Henson <steve@openssl.org> 2001-05-09 00:30:39 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2001-05-09 00:30:39 +0000
commit: bdee69f7186e1d0b94baa5179d068fc9c611faf5 (patch)
tree: 87ecf24c97dca8a8a92f10a70b6028282e8e060a /apps/s_server.c
parent: ff43e2e1557962794f773dd9243d6ffdbf4db1aa (diff)
download: openssl-bdee69f7186e1d0b94baa5179d068fc9c611faf5.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/apps/s_server.c b/apps/s_server.c
index cd1aa17b26..8d76c8f3fa 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -414,6 +414,8 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char *argv[])
 	{
+	X509_STORE *store = NULL;
+	int vflags = 0;
 	short port=PORT;
 	char *CApath=NULL,*CAfile=NULL;
 	char *context = NULL;
@@ -518,6 +520,14 @@ int MAIN(int argc, char *argv[])
 			if (--argc < 1) goto bad;
 			CApath= *(++argv);
 			}
+		else if (strcmp(*argv,"-crl_check") == 0)
+			{
+			vflags |= X509_V_FLAG_CRL_CHECK;
+			}
+		else if (strcmp(*argv,"-crl_check") == 0)
+			{
+			vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
+			}
 		else if	(strcmp(*argv,"-serverpref") == 0)
 			{ off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
 		else if	(strcmp(*argv,"-cipher") == 0)
@@ -721,6 +731,8 @@ bad:
 		ERR_print_errors(bio_err);
 		/* goto end; */
 		}
+	store = SSL_CTX_get_cert_store(ctx);
+	X509_STORE_set_flags(store, vflags);
 
 #ifndef OPENSSL_NO_DH
 	if (!no_dhe)
author	Dr. Stephen Henson <steve@openssl.org>	2001-05-09 00:30:39 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2001-05-09 00:30:39 +0000
commit	bdee69f7186e1d0b94baa5179d068fc9c611faf5 (patch)
tree	87ecf24c97dca8a8a92f10a70b6028282e8e060a /apps/s_server.c
parent	ff43e2e1557962794f773dd9243d6ffdbf4db1aa (diff)
download	openssl-bdee69f7186e1d0b94baa5179d068fc9c611faf5.tar.gz