Changeset 8f976e6 for lib


Ignore:
Timestamp:
2012-10-30T23:41:43Z (7 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
536dfa1
Parents:
addad71
Message:

SSL fixes from Michal Suchanek.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • lib/ssl_gnutls.c

    raddad71 r8f976e6  
    8585                gnutls_certificate_set_x509_trust_file( xcred, global.conf->cafile, GNUTLS_X509_FMT_PEM );
    8686               
    87                 /* Not needed in GnuTLS 2.11+ but we support older versions for now. */
    88                 gnutls_certificate_set_verify_flags( xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT );
     87                /* Not needed in GnuTLS 2.11+ (enabled by default there) so
     88                   don't do it (resets possible other defaults). */
     89                if( !gnutls_check_version( "2.11" ) )
     90                        gnutls_certificate_set_verify_flags( xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT );
    8991        }
    9092        initialized = TRUE;
     
    108110        struct scd *conn = g_new0( struct scd, 1 );
    109111       
    110         conn->fd = proxy_connect( host, port, ssl_connected, conn );
    111112        conn->func = func;
    112113        conn->data = data;
     
    114115        conn->hostname = g_strdup( host );
    115116        conn->verify = verify && global.conf->cafile;
     117        conn->fd = proxy_connect( host, port, ssl_connected, conn );
    116118       
    117119        if( conn->fd < 0 )
Note: See TracChangeset for help on using the changeset viewer.