From 911d5968b42b3469de103dd57b9c1320d6ef9f16 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Mon, 21 Sep 2020 13:48:53 +0200
Subject: [PATCH] Store more certs in PKCS7 struct

---
 src/ssl.c                 | 7 ++++++-
 wolfssl/wolfcrypt/pkcs7.h | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index d8eed8e49..c0818259a 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -25188,7 +25188,12 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
                 ctx->store->verify_cb(0, ctx);
         #endif
         }
-        return ret;
+
+        /* OpenSSL returns 0 when a chain can't be built */
+        if (ret == ASN_NO_SIGNER_E)
+            return WOLFSSL_FAILURE;
+        else
+            return ret;
     }
     return WOLFSSL_FATAL_ERROR;
 }
diff --git a/wolfssl/wolfcrypt/pkcs7.h b/wolfssl/wolfcrypt/pkcs7.h
index ea6b40ddb..31a4fc12d 100644
--- a/wolfssl/wolfcrypt/pkcs7.h
+++ b/wolfssl/wolfcrypt/pkcs7.h
@@ -48,7 +48,7 @@
 
 /* Max number of certificates that PKCS7 structure can parse */
 #ifndef MAX_PKCS7_CERTS
-    #define MAX_PKCS7_CERTS 4
+    #define MAX_PKCS7_CERTS 15
 #endif
 
 #ifndef MAX_ORI_TYPE_SZ