feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Maintain consistent behavior when activating CRL

Browse Source
This commit is contained in:
Tesfa Mael
2023-06-09 09:10:06 -07:00
parent fd17fa3e9c
commit 481ae20fcb
2 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/ssl.c
View File

@ -8208,19 +8208,19 @@ int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options)
{
int ret = WOLFSSL_SUCCESS;
(void)options;
WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL");
if (cm == NULL)
return BAD_FUNC_ARG;
#if defined(OPENSSL_COMPATIBLE_DEFAULTS)
if (options == 0) {
#if defined(OPENSSL_COMPATIBLE_DEFAULTS)
/* Turn off doing Leaf CRL check */
cm->crlEnabled = 0;
/* Turn off all checks */
cm->crlCheckAll = 0;
}
#endif
return ret;
}
#ifdef HAVE_CRL
if (cm->crl == NULL) {
cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap,

5
src/x509_str.c
View File

@ -979,7 +979,10 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag)
if (store == NULL)
return WOLFSSL_FAILURE;
ret = wolfSSL_CertManagerEnableCRL(store->cm, (int)flag);
if ((flag & WOLFSSL_CRL_CHECKALL) || (flag & WOLFSSL_CRL_CHECK) ||
flag == 0 ) {
ret = wolfSSL_CertManagerEnableCRL(store->cm, (int)flag);
}
return ret;
}