Fix GOST skip certificate verify handling. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2022-01-09 15:28:47 +0000
committer	jsing <>	2022-01-09 15:28:47 +0000
commit	99a74d01dd8887de0c54a62e77d50a9f7ef35224 (patch)
tree	ed9056dc51e37cc5096a934a9be2012e0113a8ef /src/lib/libcrypto/comp/comp_err.c
parent	12dd2352d38b1ef2237d623bc6b869d169e71567 (diff)
download	openbsd-99a74d01dd8887de0c54a62e77d50a9f7ef35224.tar.gz openbsd-99a74d01dd8887de0c54a62e77d50a9f7ef35224.tar.bz2 openbsd-99a74d01dd8887de0c54a62e77d50a9f7ef35224.zip

Fix GOST skip certificate verify handling.

GOST skip certificate verify handling got broken in r1.132 of s3_srvr.c circa 2016. Prior to this, ssl3_get_client_key_exchange() returned an 'extra special' value to indicate that the state machine should skip certificate verify. Fix this by setting and checking the TLS1_FLAGS_SKIP_CERT_VERIFY flag, which is the same as is done in the client. ok inoguchi@ tb@

Diffstat (limited to 'src/lib/libcrypto/comp/comp_err.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: