-/* $Id$ */
+/*
+ * $Id$
+ *
+ * Provides HTTPS, when the OpenSSL library is available.
+ */
#ifdef HAVE_OPENSSL
-
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
* Initialize SSL transport layer
*/
SSL_library_init();
- OpenSSL_add_all_algorithms();
+ /* OpenSSL_add_all_algorithms(); */
SSL_load_error_strings();
ssl_method = SSLv2_server_method();
if (!(ssl_ctx = SSL_CTX_new(ssl_method))) {
/*
* Now try to bind to the key and certificate.
+ * Note that we use SSL_CTX_use_certificate_chain_file() which allows
+ * the certificate file to contain intermediate certificates.
*/
- SSL_CTX_use_certificate_file(ssl_ctx, CTDL_CER_PATH, SSL_FILETYPE_PEM);
+ SSL_CTX_use_certificate_chain_file(ssl_ctx, CTDL_CER_PATH);
SSL_CTX_use_PrivateKey_file(ssl_ctx, CTDL_KEY_PATH, SSL_FILETYPE_PEM);
if ( !SSL_CTX_check_private_key(ssl_ctx) ) {
lprintf(3, "Cannot install certificate: %s\n",
if (retval == -1)
lprintf(9, "errno is %d\n", errno);
endtls();
- client_write(&buf[nbytes - nremain], nremain);
return;
}
nremain -= retval;
}
lprintf(9, "SSL_read got error %ld\n", errval);
endtls();
- return (client_read_to
- (WC->http_sock, &buf[len], bytes - len, timeout));
+ return (0);
}
len += rlen;
}