feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

not push CA, revert error code when being OpensslExtra mode

Browse Source
This commit is contained in:
Hideki Miyazaki
2021-05-27 14:54:32 +09:00
parent cd73cf3d0f
commit 976b6ae97c
2 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/internal.c
View File

@ -19048,6 +19048,12 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
#else #else
int error = (int)e; int error = (int)e;
#ifdef OPENSSL_EXTRA
/* OpenSSL uses positive error codes */
if (error > 0) {
error = -error;
}
#endif
/* pass to wolfCrypt */ /* pass to wolfCrypt */
if (error < MAX_CODE_E && error > MIN_CODE_E) { if (error < MAX_CODE_E && error > MIN_CODE_E) {

10
src/ssl.c
View File

@ -18791,11 +18791,8 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
} }
ret = DecodeToX509(x509, ssl->session.chain.certs[i].buffer, ret = DecodeToX509(x509, ssl->session.chain.certs[i].buffer,
ssl->session.chain.certs[i].length); ssl->session.chain.certs[i].length);
if (ret == 0 && #if !defined(WOLFSSL_QT)
#if defined(WOLFSSL_QT) if (ret == 0 && i == ssl->session.chain.count-1) {
ssl->options.side == WOLFSSL_CLIENT_END &&
#endif
i == ssl->session.chain.count-1) {
/* On the last element in the chain try to add the CA chain /* On the last element in the chain try to add the CA chain
* first if we have one for this cert */ * first if we have one for this cert */
if (pushCAx509Chain(ssl->ctx->cm, x509, sk) if (pushCAx509Chain(ssl->ctx->cm, x509, sk)
@ -18803,6 +18800,9 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
ret = WOLFSSL_FATAL_ERROR; ret = WOLFSSL_FATAL_ERROR;
} }
} }
#else
(void)pushCAx509Chain;
#endif
if (ret != 0 || wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) { if (ret != 0 || wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error decoding cert"); WOLFSSL_MSG("Error decoding cert");