diff options
author | mrcsys | 2006-01-03 16:15:40 +0000 |
---|---|---|
committer | mrcsys | 2006-01-03 16:15:40 +0000 |
commit | a04f9f3ed939352494758a14d1978428c1bf2050 (patch) | |
tree | e570d82d343646fdccb860602114be80b011f1a0 /nanohttp | |
parent | 8800bd5994aad0babf61f2d91ff492bed50c35df (diff) | |
download | csoap-a04f9f3ed939352494758a14d1978428c1bf2050.tar.gz csoap-a04f9f3ed939352494758a14d1978428c1bf2050.tar.bz2 |
Self signed certs were not being allowed. This is "not good"
Diffstat (limited to 'nanohttp')
-rw-r--r-- | nanohttp/nanohttp-ssl.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/nanohttp/nanohttp-ssl.c b/nanohttp/nanohttp-ssl.c index d140f17..47f7697 100644 --- a/nanohttp/nanohttp-ssl.c +++ b/nanohttp/nanohttp-ssl.c @@ -116,13 +116,16 @@ static int verify_cb(int prev_ok, X509_STORE_CTX* ctx) X509* cert = X509_STORE_CTX_get_current_cert(ctx); int depth = X509_STORE_CTX_get_error_depth(ctx); int err = X509_STORE_CTX_get_error(ctx); - +/* if( err = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ){ + log_verbose1("Self signed cert in chain"); return 1; } +*/ if(depth == 0) { return user_verify(cert); } else { + log_verbose1( "Cert ok (prev)" ); return prev_ok; } } |