Use SSL_CTX_up_ref() with MOSQ_OPT_SSL_CTX*.
This limits the use of those options to openssl 1.1.0 and greater.
This commit is contained in:
parent
b649799c78
commit
2d9fab123e
@ -974,6 +974,7 @@ libmosq_EXPORT int mosquitto_threaded_set(struct mosquitto *mosq, bool threaded)
|
||||
* onus is on you to ensure that you are using secure settings.
|
||||
* Setting to NULL means that libmosquitto will use its own SSL_CTX
|
||||
* if TLS is to be used.
|
||||
* This option is only available for openssl 1.1.0 and higher.
|
||||
*
|
||||
* MOSQ_OPT_SSL_CTX_WITH_DEFAULTS
|
||||
* Value must be an int set to 1 or 0. If set to 1, then the user
|
||||
@ -983,6 +984,7 @@ libmosq_EXPORT int mosquitto_threaded_set(struct mosquitto *mosq, bool threaded)
|
||||
* option then you must configure the TLS options as normal, i.e.
|
||||
* you should use <mosquitto_tls_set> to configure the cafile/capath
|
||||
* as a minimum.
|
||||
* This option is only available for openssl 1.1.0 and higher.
|
||||
*/
|
||||
libmosq_EXPORT int mosquitto_opts_set(struct mosquitto *mosq, enum mosq_opt_t option, void *value);
|
||||
|
||||
|
@ -265,18 +265,21 @@ int mosquitto_opts_set(struct mosquitto *mosq, enum mosq_opt_t option, void *val
|
||||
}
|
||||
break;
|
||||
case MOSQ_OPT_SSL_CTX:
|
||||
#ifdef WITH_TLS
|
||||
#if defined(WITH_TLS) && OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
mosq->ssl_ctx = (SSL_CTX *)value;
|
||||
if(mosq->ssl_ctx){
|
||||
SSL_CTX_up_ref(mosq->ssl_ctx);
|
||||
}
|
||||
break;
|
||||
#else
|
||||
return MOSQ_ERR_UNSUPPORTED;
|
||||
return MOSQ_ERR_NOT_SUPPORTED;
|
||||
#endif
|
||||
case MOSQ_OPT_SSL_CTX_WITH_DEFAULTS:
|
||||
#ifdef WITH_TLS
|
||||
#if defined(WITH_TLS) && OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
mosq->ssl_ctx_defaults = true;
|
||||
break;
|
||||
#else
|
||||
return MOSQ_ERR_UNSUPPORTED;
|
||||
return MOSQ_ERR_NOT_SUPPORTED;
|
||||
#endif
|
||||
default:
|
||||
return MOSQ_ERR_INVAL;
|
||||
|
Loading…
Reference in New Issue
Block a user