wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improved the logic for WOLFSSL_ALWAYS_VERIFY_CB to be more explicit and updated comments.

Browse Source
This commit is contained in:
David Garske
2018-08-06 10:44:56 -07:00
parent c4ea50b956
commit 56974c099e
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/internal.c
View File

@@ -8390,13 +8390,13 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
} }
} }
#ifdef WOLFSSL_ALWAYS_VERIFY_CB #ifdef WOLFSSL_ALWAYS_VERIFY_CB
/* use verify callback for success on peer leaf cert (not just failure) */ /* always use verify callback on peer leaf cert */
if (args->certIdx == 0 && ret == 0) { if (args->certIdx == 0) {
use_cb = 1; use_cb = 1;
} }
#endif #endif
#ifdef WOLFSSL_VERIFY_CB_ALL_CERTS #ifdef WOLFSSL_VERIFY_CB_ALL_CERTS
/* only perform verify callback if not peer leaf cert at index 0 */ /* perform verify callback on other intermediate certs (not just peer) */
if (args->certIdx > 0) { if (args->certIdx > 0) {
use_cb = 1; use_cb = 1;
} }