diff options
Diffstat (limited to 'src/lib/libtls/tls_server.c')
| -rw-r--r-- | src/lib/libtls/tls_server.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c index e3b03e1301..a9a5902add 100644 --- a/src/lib/libtls/tls_server.c +++ b/src/lib/libtls/tls_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_server.c,v 1.29 2016/11/04 19:01:29 jsing Exp $ */ | 1 | /* $OpenBSD: tls_server.c,v 1.30 2016/11/05 15:13:26 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -48,6 +48,7 @@ tls_server_conn(struct tls *ctx) | |||
| 48 | return (NULL); | 48 | return (NULL); |
| 49 | 49 | ||
| 50 | conn_ctx->flags |= TLS_SERVER_CONN; | 50 | conn_ctx->flags |= TLS_SERVER_CONN; |
| 51 | conn_ctx->config = ctx->config; | ||
| 51 | 52 | ||
| 52 | return (conn_ctx); | 53 | return (conn_ctx); |
| 53 | } | 54 | } |
| @@ -213,6 +214,11 @@ tls_configure_server_ssl(struct tls *ctx, SSL_CTX **ssl_ctx, | |||
| 213 | if (ctx->config->ciphers_server == 1) | 214 | if (ctx->config->ciphers_server == 1) |
| 214 | SSL_CTX_set_options(*ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); | 215 | SSL_CTX_set_options(*ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); |
| 215 | 216 | ||
| 217 | if (SSL_CTX_set_tlsext_status_cb(ctx->ssl_ctx, tls_ocsp_stapling_cb) != 1) { | ||
| 218 | tls_set_errorx(ctx, "failed to add OCSP stapling callback"); | ||
| 219 | goto err; | ||
| 220 | } | ||
| 221 | |||
| 216 | /* | 222 | /* |
| 217 | * Set session ID context to a random value. We don't support | 223 | * Set session ID context to a random value. We don't support |
| 218 | * persistent caching of sessions so it is OK to set a temporary | 224 | * persistent caching of sessions so it is OK to set a temporary |