diff --git a/src/ssl.ml b/src/ssl.ml index e7dd271..4ecd57d 100644 --- a/src/ssl.ml +++ b/src/ssl.ml @@ -236,7 +236,6 @@ external verify : socket -> unit = "ocaml_ssl_verify" type x509_check_flag = | Always_check_subject - | Never_check_subject | No_wildcards | No_partial_wildcards | Multi_label_wildcards diff --git a/src/ssl.mli b/src/ssl.mli index 7b0ac66..eb62baa 100644 --- a/src/ssl.mli +++ b/src/ssl.mli @@ -408,7 +408,6 @@ val verify : socket -> unit (** Flags to specify how a certificate is matched against a given host name *) type x509_check_flag = | Always_check_subject - | Never_check_subject | No_wildcards | No_partial_wildcards | Multi_label_wildcards diff --git a/src/ssl_stubs.c b/src/ssl_stubs.c index a496315..3d431b8 100644 --- a/src/ssl_stubs.c +++ b/src/ssl_stubs.c @@ -1254,18 +1254,15 @@ CAMLprim value ocaml_ssl_set_hostflags(value socket, value flag_lst) flags |= X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT; break; case 1: - flags |= X509_CHECK_FLAG_NEVER_CHECK_SUBJECT; - break; - case 2: flags |= X509_CHECK_FLAG_NO_WILDCARDS; break; - case 3: + case 2: flags |= X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; break; - case 4: + case 3: flags |= X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS; break; - case 5: + case 4: flags |= X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS; break; default: @@ -1275,7 +1272,7 @@ CAMLprim value ocaml_ssl_set_hostflags(value socket, value flag_lst) } caml_enter_blocking_section(); - SSL_set_hostflags(ssl, flags); + X509_VERIFY_PARAM_set_hostflags(SSL_get0_param(ssl), flags); caml_leave_blocking_section(); CAMLreturn(Val_unit); @@ -1288,7 +1285,7 @@ CAMLprim value ocaml_ssl_set1_host(value socket, value host) const char *hostname = String_val (host); caml_enter_blocking_section(); - SSL_set1_host (ssl, hostname); + X509_VERIFY_PARAM_set1_host (SSL_get0_param(ssl), hostname, 0); caml_leave_blocking_section(); CAMLreturn(Val_unit);