Use SSL_CTX_up_ref() with MOSQ_OPT_SSL_CTX*.
This limits the use of those options to openssl 1.1.0 and greater.
This commit is contained in:
parent
b649799c78
commit
2d9fab123e
@ -974,6 +974,7 @@ libmosq_EXPORT int mosquitto_threaded_set(struct mosquitto *mosq, bool threaded)
|
|||||||
* onus is on you to ensure that you are using secure settings.
|
* onus is on you to ensure that you are using secure settings.
|
||||||
* Setting to NULL means that libmosquitto will use its own SSL_CTX
|
* Setting to NULL means that libmosquitto will use its own SSL_CTX
|
||||||
* if TLS is to be used.
|
* if TLS is to be used.
|
||||||
|
* This option is only available for openssl 1.1.0 and higher.
|
||||||
*
|
*
|
||||||
* MOSQ_OPT_SSL_CTX_WITH_DEFAULTS
|
* MOSQ_OPT_SSL_CTX_WITH_DEFAULTS
|
||||||
* Value must be an int set to 1 or 0. If set to 1, then the user
|
* Value must be an int set to 1 or 0. If set to 1, then the user
|
||||||
@ -983,6 +984,7 @@ libmosq_EXPORT int mosquitto_threaded_set(struct mosquitto *mosq, bool threaded)
|
|||||||
* option then you must configure the TLS options as normal, i.e.
|
* option then you must configure the TLS options as normal, i.e.
|
||||||
* you should use <mosquitto_tls_set> to configure the cafile/capath
|
* you should use <mosquitto_tls_set> to configure the cafile/capath
|
||||||
* as a minimum.
|
* as a minimum.
|
||||||
|
* This option is only available for openssl 1.1.0 and higher.
|
||||||
*/
|
*/
|
||||||
libmosq_EXPORT int mosquitto_opts_set(struct mosquitto *mosq, enum mosq_opt_t option, void *value);
|
libmosq_EXPORT int mosquitto_opts_set(struct mosquitto *mosq, enum mosq_opt_t option, void *value);
|
||||||
|
|
||||||
|
@ -265,18 +265,21 @@ int mosquitto_opts_set(struct mosquitto *mosq, enum mosq_opt_t option, void *val
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case MOSQ_OPT_SSL_CTX:
|
case MOSQ_OPT_SSL_CTX:
|
||||||
#ifdef WITH_TLS
|
#if defined(WITH_TLS) && OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||||
mosq->ssl_ctx = (SSL_CTX *)value;
|
mosq->ssl_ctx = (SSL_CTX *)value;
|
||||||
|
if(mosq->ssl_ctx){
|
||||||
|
SSL_CTX_up_ref(mosq->ssl_ctx);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
#else
|
#else
|
||||||
return MOSQ_ERR_UNSUPPORTED;
|
return MOSQ_ERR_NOT_SUPPORTED;
|
||||||
#endif
|
#endif
|
||||||
case MOSQ_OPT_SSL_CTX_WITH_DEFAULTS:
|
case MOSQ_OPT_SSL_CTX_WITH_DEFAULTS:
|
||||||
#ifdef WITH_TLS
|
#if defined(WITH_TLS) && OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||||
mosq->ssl_ctx_defaults = true;
|
mosq->ssl_ctx_defaults = true;
|
||||||
break;
|
break;
|
||||||
#else
|
#else
|
||||||
return MOSQ_ERR_UNSUPPORTED;
|
return MOSQ_ERR_NOT_SUPPORTED;
|
||||||
#endif
|
#endif
|
||||||
default:
|
default:
|
||||||
return MOSQ_ERR_INVAL;
|
return MOSQ_ERR_INVAL;
|
||||||
|
Loading…
Reference in New Issue
Block a user