Lines 238-243
Link Here
|
238 |
|| (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) |
238 |
|| (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) |
239 |
|
239 |
|
240 |
/** |
240 |
/** |
|
|
241 |
* Define SSL Verification Flags |
242 |
* (Backport from openssl-1.0.2) |
243 |
*/ |
244 |
|
245 |
#ifndef X509_V_FLAG_TRUSTED_FIRST |
246 |
#define X509_V_FLAG_TRUSTED_FIRST 0x8000 |
247 |
#endif |
248 |
|
249 |
/** |
250 |
* Define the values for Client Verification Trust enabled or not |
251 |
*/ |
252 |
#ifndef SSL_CVERIFY_TRUSTED |
253 |
#define SSL_CVERIFY_TRUSTED_ON 1 |
254 |
#define SSL_CVERIFY_TRUSTED_OFF 0 |
255 |
|
256 |
#define SSL_CVERIFY_TRUSTED |
257 |
#endif |
258 |
|
259 |
|
260 |
/** |
241 |
* Define the SSL pass phrase dialog types |
261 |
* Define the SSL pass phrase dialog types |
242 |
*/ |
262 |
*/ |
243 |
typedef enum { |
263 |
typedef enum { |
Lines 344-349
Link Here
|
344 |
const char *verify_info; |
364 |
const char *verify_info; |
345 |
const char *verify_error; |
365 |
const char *verify_error; |
346 |
int verify_depth; |
366 |
int verify_depth; |
|
|
367 |
int trusted_first; |
347 |
int is_proxy; |
368 |
int is_proxy; |
348 |
int disabled; |
369 |
int disabled; |
349 |
int non_ssl_request; |
370 |
int non_ssl_request; |
Lines 410-415
Link Here
|
410 |
|
431 |
|
411 |
/** for client or downstream server authentication */ |
432 |
/** for client or downstream server authentication */ |
412 |
int verify_depth; |
433 |
int verify_depth; |
|
|
434 |
int trusted_first; |
413 |
ssl_verify_t verify_mode; |
435 |
ssl_verify_t verify_mode; |
414 |
} modssl_auth_ctx_t; |
436 |
} modssl_auth_ctx_t; |
415 |
|
437 |
|
Lines 506-511
Link Here
|
506 |
const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag); |
528 |
const char *ssl_cmd_SSLHonorCipherOrder(cmd_parms *cmd, void *dcfg, int flag); |
507 |
const char *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *); |
529 |
const char *ssl_cmd_SSLVerifyClient(cmd_parms *, void *, const char *); |
508 |
const char *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *); |
530 |
const char *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *); |
|
|
531 |
const char *ssl_cmd_SSLTrustedFirst(cmd_parms *, void *, const char *); |
509 |
const char *ssl_cmd_SSLSessionCache(cmd_parms *, void *, const char *); |
532 |
const char *ssl_cmd_SSLSessionCache(cmd_parms *, void *, const char *); |
510 |
const char *ssl_cmd_SSLSessionCacheTimeout(cmd_parms *, void *, const char *); |
533 |
const char *ssl_cmd_SSLSessionCacheTimeout(cmd_parms *, void *, const char *); |
511 |
const char *ssl_cmd_SSLProtocol(cmd_parms *, void *, const char *); |
534 |
const char *ssl_cmd_SSLProtocol(cmd_parms *, void *, const char *); |