feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Override CRL error for NO_VERIFY

Browse Source
This commit is contained in:
Eric Blankenhorn
2020-04-24 15:31:18 -05:00
parent 3529d9a40d
commit ec755f8dd9
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/internal.c
View File

@ -10837,6 +10837,11 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* Do verify callback */ /* Do verify callback */
ret = DoVerifyCallback(ssl->ctx->cm, ssl, ret, args); ret = DoVerifyCallback(ssl->ctx->cm, ssl, ret, args);
if (ssl->options.verifyNone &&
(ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) {
WOLFSSL_MSG("Ignoring CRL problem based on verify setting");
ret = ssl->error = 0;
}
#ifdef WOLFSSL_ALT_CERT_CHAINS #ifdef WOLFSSL_ALT_CERT_CHAINS
/* For alternate cert chain, its okay for a CA cert to fail /* For alternate cert chain, its okay for a CA cert to fail