Overview
Comment: | Added load CA file comments |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | status_x509 |
Files: | files | file ages | folders |
SHA3-256: |
d4b5b9bd2aa0ca558e1ef780a62ba561 |
User & Date: | bohagan on 2023-08-28 01:56:52 |
Other Links: | branch diff | manifest | tags |
Context
2023-09-01
| ||
21:35 | Added more X509 status Closed-Leaf check-in: af0ed7ddd0 user: bohagan tags: status_x509 | |
2023-08-28
| ||
01:56 | Added load CA file comments check-in: d4b5b9bd2a user: bohagan tags: status_x509 | |
2023-08-20
| ||
19:45 | Moved X509 functions to separate procedures. check-in: 2186b86385 user: bohagan tags: status_x509 | |
Changes
Modified generic/tls.c
from [4969f5a74b]
to [18bce24fbb].
︙ | ︙ | |||
1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 | return NULL; } } /* Set verification CAs */ Tcl_DStringInit(&ds); Tcl_DStringInit(&ds1); if (!SSL_CTX_load_verify_locations(ctx, F2N(CAfile, &ds), F2N(CAdir, &ds1)) || !SSL_CTX_set_default_verify_paths(ctx)) { #if 0 Tcl_DStringFree(&ds); Tcl_DStringFree(&ds1); /* Don't currently care if this fails */ Tcl_AppendResult(interp, "SSL default verify paths: ", REASON(), (char *) NULL); | > > > > > > | 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 | return NULL; } } /* Set verification CAs */ Tcl_DStringInit(&ds); Tcl_DStringInit(&ds1); /* There is one default directory, one default file, and one default store. The default CA certificates directory (and default store) is in the OpenSSL certs directory. It can be overridden by the SSL_CERT_DIR env var. The default CA certificates file is called cert.pem in the default OpenSSL directory. It can be overridden by the SSL_CERT_FILE env var. */ /* int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx) and int SSL_CTX_set_default_verify_file(SSL_CTX *ctx) */ if (!SSL_CTX_load_verify_locations(ctx, F2N(CAfile, &ds), F2N(CAdir, &ds1)) || !SSL_CTX_set_default_verify_paths(ctx)) { #if 0 Tcl_DStringFree(&ds); Tcl_DStringFree(&ds1); /* Don't currently care if this fails */ Tcl_AppendResult(interp, "SSL default verify paths: ", REASON(), (char *) NULL); |
︙ | ︙ |