wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

CertificateVerify, getting past when the error is overridden by VerifyCallback

Browse Source
This commit is contained in:
Takashi Kojo
2017-07-28 15:36:33 +09:00
committed by Jacob Barthelmeh
parent 2f1f86d5f2
commit a19813eab2
2 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/internal.c
View File

@@ -7871,6 +7871,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
XMEMSET(args, 0, sizeof(ProcPeerCertArgs)); XMEMSET(args, 0, sizeof(ProcPeerCertArgs));
args->idx = *inOutIdx; args->idx = *inOutIdx;
args->begin = *inOutIdx; args->begin = *inOutIdx;
ssl->certErr_ovrdn = 0;
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
ssl->async.freeArgs = FreeProcPeerCertArgs; ssl->async.freeArgs = FreeProcPeerCertArgs;
#elif defined(WOLFSSL_NONBLOCK_OCSP) #elif defined(WOLFSSL_NONBLOCK_OCSP)
@@ -8993,7 +8994,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
} }
#ifdef WOLFSSL_ALWAYS_VERIFY_CB #ifdef WOLFSSL_ALWAYS_VERIFY_CB
else { else {
if (ssl->verifyCallback) { if (ssl->verifyCallback && !ssl->certErr_ovrdn) {
int ok; int ok;
store->error = ret; store->error = ret;
@@ -23430,7 +23431,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
FALL_THROUGH; FALL_THROUGH;
case TLS_ASYNC_DO: case TLS_ASYNC_DO:
{ if(ssl->certErr_ovrdn){
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
ret = 0;
}
else {
#ifndef NO_RSA #ifndef NO_RSA
if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) { if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) {
WOLFSSL_MSG("Doing RSA peer cert verify"); WOLFSSL_MSG("Doing RSA peer cert verify");
@@ -23574,6 +23579,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case TLS_ASYNC_END: case TLS_ASYNC_END:
{ {
if(ssl->certErr_ovrdn){
ret = 0;
}
break; break;
} }
default: default:

1
wolfssl/internal.h
View File

@@ -3317,6 +3317,7 @@ struct WOLFSSL {
#endif #endif
WOLFSSL_ALERT_HISTORY alert_history; WOLFSSL_ALERT_HISTORY alert_history;
int verifyDepth; int verifyDepth;
int certErr_ovrdn; /* overriden by VerifyCallback */
int error; int error;
int rfd; /* read file descriptor */ int rfd; /* read file descriptor */
int wfd; /* write file descriptor */ int wfd; /* write file descriptor */