projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Suppress CT callback as appropriate
[openssl.git]
/
test
/
ssltest_old.c
diff --git
a/test/ssltest_old.c
b/test/ssltest_old.c
index 8018b3bd161992f188adfe680a271d632e0d02d5..e3f8d774cb9d60484a98c92883996bab111f4dbe 100644
(file)
--- a/
test/ssltest_old.c
+++ b/
test/ssltest_old.c
@@
-1113,7
+1113,7
@@
int main(int argc, char *argv[])
* Disable CT validation by default, because it will interfere with
* anything using custom extension handlers to deal with SCT extensions.
*/
* Disable CT validation by default, because it will interfere with
* anything using custom extension handlers to deal with SCT extensions.
*/
-
ct_validation_cb ct_validation = NULL
;
+
int ct_validation = 0
;
#endif
SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
STACK_OF(OPENSSL_STRING) *conf_args = NULL;
#endif
SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
STACK_OF(OPENSSL_STRING) *conf_args = NULL;
@@
-1300,13
+1300,10
@@
int main(int argc, char *argv[])
}
#ifndef OPENSSL_NO_CT
else if (strcmp(*argv, "-noct") == 0) {
}
#ifndef OPENSSL_NO_CT
else if (strcmp(*argv, "-noct") == 0) {
- ct_validation =
NULL
;
+ ct_validation =
0
;
}
}
- else if (strcmp(*argv, "-requestct") == 0) {
- ct_validation = CT_verify_no_bad_scts;
- }
- else if (strcmp(*argv, "-requirect") == 0) {
- ct_validation = CT_verify_at_least_one_good_sct;
+ else if (strcmp(*argv, "-ct") == 0) {
+ ct_validation = 1;
}
#endif
#ifndef OPENSSL_NO_COMP
}
#endif
#ifndef OPENSSL_NO_COMP
@@
-1633,7
+1630,8
@@
int main(int argc, char *argv[])
}
#ifndef OPENSSL_NO_CT
}
#ifndef OPENSSL_NO_CT
- if (!SSL_CTX_set_ct_validation_callback(c_ctx, ct_validation, NULL)) {
+ if (ct_validation &&
+ !SSL_CTX_enable_ct(c_ctx, SSL_CT_VALIDATION_STRICT)) {
ERR_print_errors(bio_err);
goto end;
}
ERR_print_errors(bio_err);
goto end;
}