mirror of https://github.com/wolfSSL/wolfssl
fix crl problem error out if verify peer disabled
This commit is contained in:
parent
2d63c559cc
commit
8a3b3b03d2
|
@ -4161,8 +4161,6 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
|
|||
if (anyError != 0 && ret == 0)
|
||||
ret = anyError;
|
||||
|
||||
if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END)
|
||||
ssl->options.serverState = SERVER_CERT_COMPLETE;
|
||||
|
||||
if (ret != 0) {
|
||||
if (!ssl->options.verifyNone) {
|
||||
|
@ -4238,6 +4236,15 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
|
|||
}
|
||||
#endif
|
||||
|
||||
if (ssl->options.verifyNone &&
|
||||
(ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) {
|
||||
CYASSL_MSG("Ignoring CRL problem based on verify setting");
|
||||
ret = ssl->error = 0;
|
||||
}
|
||||
|
||||
if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END)
|
||||
ssl->options.serverState = SERVER_CERT_COMPLETE;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue