diff options
| author | Vidyullatha Kanchanapally <vidyullatha@codeaurora.org> | 2016-01-11 08:18:12 +0530 |
|---|---|---|
| committer | Linux Build Service Account <lnxbuild@localhost> | 2016-08-24 08:10:11 -0600 |
| commit | 71a2c6b68025f070785e59ea5307f6e45c8f5441 (patch) | |
| tree | b52ab3e64e5838bd2eac6b537afbe0a5e89a79c8 | |
| parent | 9f719b0bf6e27562354f7ce9b7aaf86f40cc2d99 (diff) | |
| download | android_external_curl-staging/cm-14.0.tar.gz android_external_curl-staging/cm-14.0.tar.bz2 android_external_curl-staging/cm-14.0.zip | |
In case of boringssl, enable ocsp staplingstaging/cm-14.0
Enable OCSP stapling in case of successful SSL
verification.
CRs-Fixed: 960177
Change-Id: I6122bea19e023944e3e3f332f5f65b51fd2f031a
| -rw-r--r-- | lib/vtls/openssl.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 02de46f..030cad4 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -134,6 +134,7 @@ #define OpenSSL_add_all_algorithms() /* BoringSSL does not have CONF_modules_load_file */ #define CONF_modules_load_file(a,b,c) +#define CONF_modules_free() #endif #ifdef OPENSSL_IS_BORINGSSL @@ -2065,6 +2066,10 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) if(data->set.ssl.verifystatus) SSL_set_tlsext_status_type(connssl->handle, TLSEXT_STATUSTYPE_ocsp); #endif +#ifdef OPENSSL_IS_BORINGSSL + if(data->set.ssl.verifystatus) + SSL_enable_ocsp_stapling(connssl->handle); +#endif /* OPENSSL_IS_BORINGSSL */ SSL_set_connect_state(connssl->handle); @@ -3183,6 +3188,9 @@ void Curl_ossl_md5sum(unsigned char *tmp, /* input */ bool Curl_ossl_cert_status_request(void) { +#ifdef OPENSSL_IS_BORINGSSL + return TRUE; +#endif #if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \ !defined(OPENSSL_IS_BORINGSSL) return TRUE; |