abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-20 03:44:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add trusted_ca_keys to TLS1.2/TLCP

Browse Source
This commit is contained in:
Zhi Guan
2026-06-12 10:24:32 +08:00
parent b1f670c6c6
commit dbbee6dbe0
9 changed files with 555 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/tls.c
View File

@@ -2507,6 +2507,11 @@ int tls_ctx_set_ca_certificates(TLS_CTX *ctx, const char *cacertsfile, int depth
error_print();
return -1;
}
if (tls_trusted_authorities_from_ca_names(ctx->trusted_authorities, &ctx->trusted_authorities_len,
sizeof(ctx->trusted_authorities), ctx->ca_names, ctx->ca_names_len) != 1) {
error_print();
return -1;
}
ctx->verify_depth = depth;
return 1;
@@ -2522,6 +2527,16 @@ int tls_ctx_enable_verbose(TLS_CTX *ctx, int enable)
return 1;
}
int tls_ctx_enable_trusted_ca_keys(TLS_CTX *ctx, int enable)
{
if (!ctx) {
error_print();
return -1;
}
ctx->trusted_ca_keys = enable ? 1 : 0;
return 1;
}
int tls_ctx_enable_certificate_request(TLS_CTX *ctx, int enable)
{
if (!ctx) {