diff options
author | Milind Changire <mchangir@redhat.com> | 2019-03-14 10:55:52 +0530 |
---|---|---|
committer | MOHIT AGRAWAL <moagrawa@redhat.com> | 2020-07-10 04:36:02 +0000 |
commit | 36d972d537d4eec4af8a22eca8eab5b12a2a8e65 (patch) | |
tree | 23585cc94d4826d62066113c369418523adffcb2 /tests/features/ssl-authz.t | |
parent | 64ba4fde9fca5cfc059395a444b55f57940ab06b (diff) |
socket/ssl: fix crl handling
Problem:
Just setting the path to the CRL directory in socket_init() wasn't working.
Solution:
Need to use special API to retrieve and set X509_VERIFY_PARAM and set
the CRL checking flags explicitly.
Also, setting the CRL checking flags is a big pain, since the connection
is declared as failed if any CRL isn't found in the designated file or
directory. A comment has been added to the code appropriately.
> Change-Id: I8a8ed2ddaf4b5eb974387d2f7b1a85c1ca39fe79
> fixes: bz#1687326
> Signed-off-by: Milind Changire <mchangir@redhat.com>
> (Cherry pick from commit 06fa261207f0f0625c52fa977b96e5875e9a91e0)
> (Reviewed on upstream link https://review.gluster.org/#/c/glusterfs/+/22334)
Change-Id: I8a8ed2ddaf4b5eb974387d2f7b1a85c1ca39fe79
Fixes: #1362
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Diffstat (limited to 'tests/features/ssl-authz.t')
0 files changed, 0 insertions, 0 deletions