From a04f9f3ed939352494758a14d1978428c1bf2050 Mon Sep 17 00:00:00 2001
From: mrcsys
Date: Tue, 3 Jan 2006 16:15:40 +0000
Subject: Self signed certs were not being allowed.  This is "not good"

---
 nanohttp/nanohttp-ssl.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'nanohttp/nanohttp-ssl.c')

diff --git a/nanohttp/nanohttp-ssl.c b/nanohttp/nanohttp-ssl.c
index d140f17..47f7697 100644
--- a/nanohttp/nanohttp-ssl.c
+++ b/nanohttp/nanohttp-ssl.c
@@ -116,13 +116,16 @@ static int verify_cb(int prev_ok, X509_STORE_CTX* ctx)
 	X509* cert = X509_STORE_CTX_get_current_cert(ctx);
 	int depth = X509_STORE_CTX_get_error_depth(ctx);
     int err = X509_STORE_CTX_get_error(ctx);
-
+/*
     if( err = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ){
+        log_verbose1("Self signed cert in chain");
         return 1;
     }
+*/
 	if(depth == 0) {
 		return user_verify(cert);
 	} else {
+        log_verbose1( "Cert ok (prev)" );
 		return prev_ok;
 	}
 }
-- 
cgit v1.1-32-gdbae