feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

user CA adds use same policy as Context Verify for verification

Browse Source
This commit is contained in:
toddouska
2015-09-09 12:19:53 -07:00
parent 5bbcda3c79
commit 80c5fecdb2
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/internal.c
View File

@@ -4278,8 +4278,8 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return MEMORY_E; return MEMORY_E;
XMEMCPY(add.buffer, myCert.buffer, myCert.length); XMEMCPY(add.buffer, myCert.buffer, myCert.length);
ret = AddCA(ssl->ctx->cm, add, WOLFSSL_CHAIN_CA, /* already verified above */
ssl->ctx->verifyPeer); ret = AddCA(ssl->ctx->cm, add, WOLFSSL_CHAIN_CA, 0);
if (ret == 1) ret = 0; /* SSL_SUCCESS for external */ if (ret == 1) ret = 0; /* SSL_SUCCESS for external */
} }
else if (ret != 0) { else if (ret != 0) {

3
src/ssl.c
View File

@@ -2843,7 +2843,8 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
XFREE(der.buffer, heap, dynamicType); XFREE(der.buffer, heap, dynamicType);
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
return AddCA(ctx->cm, der, WOLFSSL_USER_CA, ctx->verifyPeer); /* verify CA unless user set to no verify */
return AddCA(ctx->cm, der, WOLFSSL_USER_CA, !ctx->verifyNone);
/* takes der over */ /* takes der over */
} }
else if (type == CERT_TYPE) { else if (type == CERT_TYPE) {