Update chain building function.
Don't clear verification errors from the error queue unless SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set. If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR is set return 2 so applications can issue warnings.
This commit is contained in:
Dr. Stephen Henson
@@ -787,6 +787,8 @@ struct ssl_session_st
|
||||
#define SSL_BUILD_CHAIN_FLAG_CHECK 0x4
|
||||
/* Ignore verification errors */
|
||||
#define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8
|
||||
/* Clear verification errors from queue */
|
||||
#define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10
|
||||
|
||||
/* Flags returned by SSL_check_chain */
|
||||
/* Certificate can be used with this session */
|
||||
|
||||
Reference in New Issue
Block a user