Swiftdiff options
Diffstat (limited to 'Swiften/TLS/OpenSSL/OpenSSLContext.cpp')
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.cpp | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp index d9560de..6dd75d6 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp | |||
| @@ -396,6 +396,21 @@ bool OpenSSLContext::configure(const TLSOptions &options) | |||
| 396 | updateOptionIfPresent(options.disableTLSRollBackBug, SSL_OP_TLS_ROLLBACK_BUG); | 396 | updateOptionIfPresent(options.disableTLSRollBackBug, SSL_OP_TLS_ROLLBACK_BUG); |
| 397 | updateOptionIfPresent(options.singleDHUse, SSL_OP_SINGLE_DH_USE); | 397 | updateOptionIfPresent(options.singleDHUse, SSL_OP_SINGLE_DH_USE); |
| 398 | 398 | ||
| 399 | if (options.trustAnchors) { | ||
| 400 | // Add any additional Trust Anchors which are present in the TLSOptions | ||
| 401 | X509_STORE* store = SSL_CTX_get_cert_store(context_.get()); | ||
| 402 | |||
| 403 | if (store) { | ||
| 404 | for (auto& certificate : *options.trustAnchors) { | ||
| 405 | auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate.get()); | ||
| 406 | if (openSSLCert && openSSLCert->getInternalX509()) { | ||
| 407 | X509_STORE_add_cert(store, openSSLCert->getInternalX509().get()); | ||
| 408 | // Don't need to increment reference count as X509_STORE_add_cert does thiS | ||
| 409 | } | ||
| 410 | } | ||
| 411 | } | ||
| 412 | } | ||
| 413 | |||
| 399 | return true; | 414 | return true; |
| 400 | } | 415 | } |
| 401 | 416 | ||