Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-09 00:00:04 +01:00
Code Issues Releases Wiki Activity

adjust ssl verification and options after context change

Browse source
This commit is contained in:
Alexandre Snarskii 2025-01-22 18:21:43 +02:00
parent e0c312c202
commit d6de6840eb
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
lib/tls/openssl/openssl-server.c
View file

@ -141,6 +141,17 @@ lws_ssl_server_name_cb(SSL *ssl, int *ad, void *arg)
/* select the ssl ctx from the selected vhost for this conn */
SSL_set_SSL_CTX(ssl, vhost->tls.ssl_ctx);
/* also, adjust other things we care about */
SSL_set_verify(ssl, SSL_CTX_get_verify_mode(vhost->tls.ssl_ctx),
SSL_CTX_get_verify_callback(vhost->tls.ssl_ctx));
SSL_set_verify_depth(ssl, SSL_CTX_get_verify_depth(vhost->tls.ssl_ctx));
#if OPENSSL_VERSION_NUMBER >= 0x009080dfL
SSL_clear_options(ssl, SSL_get_options(ssl) &
~SSL_CTX_get_options(vhost->tls.ssl_ctx));
#endif
SSL_set_options(ssl, SSL_CTX_get_options(vhost->tls.ssl_ctx));
return SSL_TLSEXT_ERR_OK;
}
#endif