diff options
author | Samuel Williams <samuel.williams@oriontransfer.co.nz> | 2019-06-15 10:24:42 +1200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-15 10:24:42 +1200 |
commit | 4b43ffc1292eeb70ff886847836e21ad96ed8796 (patch) | |
tree | 88c78d3a503df5bcec28f76303faf62015169011 | |
parent | e11fa66e75696b159572135b997548eee67f7aac (diff) | |
parent | 7348165c5024771af1758fdb1bfc222e9277f4bb (diff) | |
download | ruby-openssl-4b43ffc1292eeb70ff886847836e21ad96ed8796.tar.gz |
Merge pull request #239 from mkauf/post_handshake_auth
Support client certificates with TLS 1.3
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.c | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index d86e1301..076e2879 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -166,6 +166,7 @@ have_func("SSL_CTX_get_security_level") have_func("X509_get0_notBefore") have_func("SSL_SESSION_get_protocol_version") have_func("EVP_PBE_scrypt") +have_func("SSL_CTX_set_post_handshake_auth") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index df2304e4..ec49587a 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -810,6 +810,10 @@ ossl_sslctx_setup(VALUE self) } #endif /* OPENSSL_NO_EC */ +#ifdef HAVE_SSL_CTX_SET_POST_HANDSHAKE_AUTH + SSL_CTX_set_post_handshake_auth(ctx, 1); +#endif + val = rb_attr_get(self, id_i_cert_store); if (!NIL_P(val)) { X509_STORE *store = GetX509StorePtr(val); /* NO NEED TO DUP */ |