CertificateVerify, getting past when the error is overridden by VerifyCallback

Takashi Kojo
2017-07-28 15:36:33 +09:00
committed by Jacob Barthelmeh
parent 2f1f86d5f2
commit a19813eab2
2 changed files with 11 additions and 2 deletions


@ -7871,6 +7871,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
XMEMSET(args, 0, sizeof(ProcPeerCertArgs));
args->idx = *inOutIdx;
args->begin = *inOutIdx;
ssl->certErr_ovrdn = 0;
#ifdef WOLFSSL_ASYNC_CRYPT
ssl->async.freeArgs = FreeProcPeerCertArgs;
#elif defined(WOLFSSL_NONBLOCK_OCSP)
@ -8993,7 +8994,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#ifdef WOLFSSL_ALWAYS_VERIFY_CB
else {
if (ssl->verifyCallback) {
if (ssl->verifyCallback && !ssl->certErr_ovrdn) {
int ok;
store->error = ret;
@ -23430,7 +23431,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
FALL_THROUGH;
case TLS_ASYNC_DO:
{
if(ssl->certErr_ovrdn){
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
ret = 0;
}
else {
#ifndef NO_RSA
if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) {
WOLFSSL_MSG("Doing RSA peer cert verify");
@ -23574,6 +23579,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case TLS_ASYNC_END:
{
if(ssl->certErr_ovrdn){
ret = 0;
}
break;
}
default:
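Review bot: In the TLS_ASYNC_DO hunk, `if(ssl->certErr_ovrdn){ ... ret = 0; }` skips the peer's CertificateVerify signature check entirely, so a peer whose certificate error was accepted by the VerifyCallback is never required to prove possession of the matching private key. If the intent is only to tolerate a certificate whose public key could not be loaded, the skip should be limited to that case, for the RSA build `if (ssl->certErr_ovrdn && !ssl->peerRsaKeyPresent) {` with the matching test for the other key types, so that a key that is present is still verified. The `ret = 0;` added under TLS_ASYNC_END also overwrites whatever status reached that state, and it deserves a one-line comment saying why discarding it is safe. The assignment that sets certErr_ovrdn is not visible in these hunks, and the enclosing functions start and end outside them.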


@ -3317,6 +3317,7 @@ struct WOLFSSL {
#endif
WOLFSSL_ALERT_HISTORY alert_history;
int verifyDepth;
int certErr_ovrdn; /* overriden by VerifyCallback */
int error;
int rfd; /* read file descriptor */
int wfd; /* write file descriptor */
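Review bot: The comment on the new field, `/* overriden by VerifyCallback */`, is misspelled and does not say what the flag changes. Since the other file in this commit uses the flag to bypass the CertificateVerify signature check, I would write `int certErr_ovrdn; /* peer cert error overridden by VerifyCallback; CertificateVerify check is skipped while set */`. The struct continues outside the hunk.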