From 40916534e3bc6be103b1cf19f2f976ccbed2b4ed Mon Sep 17 00:00:00 2001 From: jsing <> Date: Thu, 6 Jul 2017 17:12:22 +0000 Subject: Add support for providing CRLs to libtls - once a CRL is provided we enable CRL checking for the full certificate chain. Based on a diff from Jack Burton , thanks! Discussed with beck@ --- src/lib/libtls/tls_internal.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/lib/libtls/tls_internal.h') diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h index c0c55216df..bed9d6e7f4 100644 --- a/src/lib/libtls/tls_internal.h +++ b/src/lib/libtls/tls_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_internal.h,v 1.61 2017/06/22 18:03:57 jsing Exp $ */ +/* $OpenBSD: tls_internal.h,v 1.62 2017/07/06 17:12:22 jsing Exp $ */ /* * Copyright (c) 2014 Jeremie Courreges-Anglas * Copyright (c) 2014 Joel Sing @@ -84,6 +84,8 @@ struct tls_config { size_t ca_len; const char *ciphers; int ciphers_server; + char *crl_mem; + size_t crl_len; int dheparams; int ecdhecurve; struct tls_keypair *keypair; -- cgit v1.2.3-55-g6feb