mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 09:38:19 +00:00
Changes to make OpenSSL a requirement.
Preprocessor conditionals dependent on definition of USE_OPENSSL have been straightened out.
This commit is contained in:
Jon Siwek
parent
efc8b24576
commit
2bd8f42c15
16 changed files with 81 additions and 161 deletions
|
|
@ -3,9 +3,7 @@
|
|||
#include "SSLInterpreter.h"
|
||||
#include "SSLv2.h"
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
#include "X509.h"
|
||||
#endif
|
||||
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
|
|
@ -173,17 +171,12 @@ void SSL_Interpreter::analyzeCertificate(SSL_InterpreterEndpoint* s,
|
|||
int invalid = 0;
|
||||
switch ( type ) {
|
||||
case SSLv2_CT_X509_CERTIFICATE:
|
||||
#ifdef USE_OPENSSL
|
||||
if ( ! isChain )
|
||||
invalid = X509_Cert::verify(s->GetProxyEndpoint(),
|
||||
pCert, certLength);
|
||||
else
|
||||
invalid = X509_Cert::verifyChain(s->GetProxyEndpoint(),
|
||||
data, length);
|
||||
#else
|
||||
proxy->Weak("SSL: Could not verify certificate (missing OpenSSL support)!");
|
||||
invalid = 0;
|
||||
#endif
|
||||
break;
|
||||
|
||||
default:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue