Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.

2025-07-29 18:27:29 +02:00 · 2023-08-29 10:28:02 -04:00
parent c5c968aae3
commit d7bb5aa367
3 changed files with 5 additions and 3 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -8300,7 +8300,7 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
        /* pass directory read failure to response code */
        if (fileRet != WC_READDIR_NOFILE) {
            ret = fileRet;
-    #if defined(WOLFSSL_QT)
+    #if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
            if (ret == BAD_PATH_ERROR &&
                flags & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR) {
               /* QSslSocket always loads certs in system folder
--- a/tests/api.c
+++ b/tests/api.c
@ -1428,7 +1428,7 @@ static int test_wolfSSL_CTX_load_verify_locations(void)


 #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && \
-  (defined(WOLFSSL_QT) && \
+  ((defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)) && \
  !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR))
    /* invalid path */
    ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile),
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -1064,8 +1064,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(
 #define WOLFSSL_LOAD_FLAG_IGNORE_ERR    0x00000001
 #define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002
 #define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY   0x00000004
-#if defined(WOLFSSL_QT)
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
 #define WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR 0x00000008
+#endif
+#if defined(WOLFSSL_QT)
 #define WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE     0x00000010
 #endif