diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2001-05-09 00:30:39 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2001-05-09 00:30:39 +0000 |
commit | bdee69f7186e1d0b94baa5179d068fc9c611faf5 (patch) | |
tree | 87ecf24c97dca8a8a92f10a70b6028282e8e060a /apps/s_server.c | |
parent | ff43e2e1557962794f773dd9243d6ffdbf4db1aa (diff) | |
download | openssl-bdee69f7186e1d0b94baa5179d068fc9c611faf5.tar.gz |
Allow various X509_STORE_CTX properties to be
inherited from X509_STORE.
Add CRL checking options to other applications.
Diffstat (limited to 'apps/s_server.c')
-rw-r--r-- | apps/s_server.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/apps/s_server.c b/apps/s_server.c index cd1aa17b26..8d76c8f3fa 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -414,6 +414,8 @@ int MAIN(int, char **); int MAIN(int argc, char *argv[]) { + X509_STORE *store = NULL; + int vflags = 0; short port=PORT; char *CApath=NULL,*CAfile=NULL; char *context = NULL; @@ -518,6 +520,14 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; CApath= *(++argv); } + else if (strcmp(*argv,"-crl_check") == 0) + { + vflags |= X509_V_FLAG_CRL_CHECK; + } + else if (strcmp(*argv,"-crl_check") == 0) + { + vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; + } else if (strcmp(*argv,"-serverpref") == 0) { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } else if (strcmp(*argv,"-cipher") == 0) @@ -721,6 +731,8 @@ bad: ERR_print_errors(bio_err); /* goto end; */ } + store = SSL_CTX_get_cert_store(ctx); + X509_STORE_set_flags(store, vflags); #ifndef OPENSSL_NO_DH if (!no_dhe) |