lib/libhttp
1
0
Fork 0
mirror of https://github.com/lammertb/libhttp.git synced 2026-01-12 21:36:04 +03:00
Code Activity

Fix some warnings

Browse Source
This commit is contained in:
bel
2015-10-31 00:15:15 +01:00
parent 538aa60514
commit 97596344e2
1 changed files with 12 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/civetweb.c
View File

@@ -9931,13 +9931,14 @@ sslize(struct mg_connection *conn, SSL_CTX *s, int (*func)(SSL *))
ret = SSL_set_fd(conn->ssl, conn->client.sock); ret = SSL_set_fd(conn->ssl, conn->client.sock);
if (ret != 1) { if (ret != 1) {
err = SSL_get_error(conn->ssl, ret); err = SSL_get_error(conn->ssl, ret);
(void)err; /* TODO: set some error message */
return 0; return 0;
} }
ret = func(conn->ssl); ret = func(conn->ssl);
if (ret != 1) { if (ret != 1) {
err = SSL_get_error(conn->ssl, ret); err = SSL_get_error(conn->ssl, ret);
(void)err; /* TODO: set some error message */
return 0; return 0;
} }
@@ -10070,13 +10071,13 @@ initialize_ssl(struct mg_context *ctx)
return 1; return 1;
} }
#if 0 /* TODO: check if this function is required at all */
int static int
verify_ssl_client(int preverify_ok, X509_STORE_CTX *x509_ctx) verify_ssl_client(int preverify_ok, X509_STORE_CTX *x509_ctx)
{ {
int ret = preverify_ok; int ret = preverify_ok;
/* TODO: check if this function is required at all /*
TODO: store rejected connection attempts TODO: store rejected connection attempts
char buf[256]; char buf[256];
struct X509 *err_cert; struct X509 *err_cert;
int err, depth; int err, depth;
@@ -10092,7 +10093,7 @@ verify_ssl_client(int preverify_ok, X509_STORE_CTX *x509_ctx)
*/ */
return ret; return ret;
} }
#endif
/* Dynamically load SSL library. Set up ctx->ssl_ctx pointer. */ /* Dynamically load SSL library. Set up ctx->ssl_ctx pointer. */
static int static int
@@ -10219,7 +10220,10 @@ set_ssl_option(struct mg_context *ctx)
ssl_error()); ssl_error());
return 0; return 0;
} }
SSL_CTX_set_verify(ctx->ssl_ctx, 3, 0);
SSL_CTX_set_verify(ctx->ssl_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
NULL);
if (use_default_verify_paths if (use_default_verify_paths
&& SSL_CTX_set_default_verify_paths(ctx->ssl_ctx) != 1) { && SSL_CTX_set_default_verify_paths(ctx->ssl_ctx) != 1) {
@@ -10236,15 +10240,7 @@ set_ssl_option(struct mg_context *ctx)
} }
/* TODO: could set use SSL_CTX_set_cipher_list if set*/ /* TODO: could set use SSL_CTX_set_cipher_list if set */
/* TODO: could use client certificates here */
#if 0
SSL_CTX_set_verify(ctx->ssl_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
NULL);
SSL_CTX_load_verify_locations(ctx->ssl_ctx, "D:\\civetweb\\civetweb\\resources\\cert\\client.pem", NULL);
#endif
return 1; return 1;
} }