mirror of https://github.com/wolfSSL/wolfssl
fix crl problem error out if verify peer disabled
This commit is contained in:
parent
2d63c559cc
commit
8a3b3b03d2
|
@ -4161,8 +4161,6 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
|
||||||
if (anyError != 0 && ret == 0)
|
if (anyError != 0 && ret == 0)
|
||||||
ret = anyError;
|
ret = anyError;
|
||||||
|
|
||||||
if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END)
|
|
||||||
ssl->options.serverState = SERVER_CERT_COMPLETE;
|
|
||||||
|
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
if (!ssl->options.verifyNone) {
|
if (!ssl->options.verifyNone) {
|
||||||
|
@ -4238,6 +4236,15 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
if (ssl->options.verifyNone &&
|
||||||
|
(ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) {
|
||||||
|
CYASSL_MSG("Ignoring CRL problem based on verify setting");
|
||||||
|
ret = ssl->error = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END)
|
||||||
|
ssl->options.serverState = SERVER_CERT_COMPLETE;
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue