Fix GOST skip certificate verify handling. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2022-01-09 15:28:47 +0000
committer	jsing <>	2022-01-09 15:28:47 +0000
commit	258c4e200fe5875dafb95794183947b663554c57 (patch)
tree	ed9056dc51e37cc5096a934a9be2012e0113a8ef /src/lib/libssl/ssl_lib.c
parent	f81552f977571b118f23b6573681bb69dc571718 (diff)
download	openbsd-258c4e200fe5875dafb95794183947b663554c57.tar.gz openbsd-258c4e200fe5875dafb95794183947b663554c57.tar.bz2 openbsd-258c4e200fe5875dafb95794183947b663554c57.zip

Fix GOST skip certificate verify handling.

GOST skip certificate verify handling got broken in r1.132 of s3_srvr.c circa 2016. Prior to this, ssl3_get_client_key_exchange() returned an 'extra special' value to indicate that the state machine should skip certificate verify. Fix this by setting and checking the TLS1_FLAGS_SKIP_CERT_VERIFY flag, which is the same as is done in the client. ok inoguchi@ tb@

Diffstat (limited to 'src/lib/libssl/ssl_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: