*/
/*@{*/
+#include "config.h"
#ifdef HAVE_OPENSSL
#include "webcit.h"
*/
X509_NAME_add_entry_by_txt(name, "O",
- MBSTRING_ASC, "FIXME.FIXME.org", -1, -1, 0);
+ MBSTRING_ASC, "Organization name", -1, -1, 0);
X509_NAME_add_entry_by_txt(name, "OU",
MBSTRING_ASC, "Citadel server", -1, -1, 0);
X509_NAME_add_entry_by_txt(name, "CN",
- MBSTRING_ASC, "FIXME.FIXME.org", -1, -1, 0);
+ MBSTRING_ASC, "*", -1, -1, 0);
X509_REQ_set_subject_name(req, name);
*/
void endtls(void)
{
+ SSL_CTX *ctx = NULL;
+
if (THREADSSL == NULL) return;
lprintf(5, "Ending SSL/TLS\n");
SSL_shutdown(THREADSSL);
+ ctx = SSL_get_SSL_CTX(THREADSSL);
+
+ /** I don't think this is needed, and it crashes the server anyway
+ *
+ * if (ctx != NULL) {
+ * lprintf(9, "Freeing CTX at %x\n", (int)ctx );
+ * SSL_CTX_free(ctx);
+ * }
+ */
+
SSL_free(THREADSSL);
pthread_setspecific(ThreadSSL, NULL);
}