gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#64 在tfe.conf中增加check_cert_crl开关,默认关闭CRL校验。

Browse Source
This commit is contained in:
zhengchao
2018-11-12 13:58:01 +08:00
parent 865a4066fc
commit ca650d12ff
3 changed files with 27 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
platform/include/internal/ssl_trusted_cert_storage.h
View File

@@ -6,9 +6,12 @@ enum ssl_X509_obj_type
SSL_X509_OBJ_CERT,
SSL_X509_OBJ_CRL
};
struct cert_store_param
{
unsigned int check_crl;
};
struct ssl_trusted_cert_storage;
struct ssl_trusted_cert_storage* ssl_trusted_cert_storage_create(const char* pem_bundle, const char* pem_dir);
struct ssl_trusted_cert_storage* ssl_trusted_cert_storage_create(const char* pem_bundle, const char* pem_dir, struct cert_store_param* param);
void ssl_trusted_cert_storage_destroy(struct ssl_trusted_cert_storage* storage);
int ssl_trusted_cert_storage_verify_conn(struct ssl_trusted_cert_storage* storage, const SSL * ssl, char* reason, size_t n_reason);