- Added CRL revocation support to x509parse_verify()
- Fixed an off-by-one allocation in ssl_set_hostname()
- Added CRL support to SSL/TLS code
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 66e0c69..86720e6 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -158,7 +158,7 @@
ssl_set_ciphers( &ssl, ssl_default_ciphers );
ssl_set_session( &ssl, 1, 600, &ssn );
- ssl_set_ca_chain( &ssl, &cacert, SERVER_NAME );
+ ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME );
ssl_set_own_cert( &ssl, &clicert, &rsa );
ssl_set_hostname( &ssl, SERVER_NAME );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index f44c933..f9b9b36 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -286,7 +286,7 @@
memset( &ssn, 0, sizeof( ssl_session ) );
- ssl_set_ca_chain( &ssl, srvcert.next, NULL );
+ ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &rsa );
ssl_set_dh_param( &ssl, my_dhm_P, my_dhm_G );