artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 628f93c) | patch
Fix GOST skip certificate verify handling.
authorjsing <jsing@openbsd.org>
Sun, 9 Jan 2022 15:28:47 +0000 (15:28 +0000)
committerjsing <jsing@openbsd.org>
Sun, 9 Jan 2022 15:28:47 +0000 (15:28 +0000)
commit54ad05ac7e053f6eee0779f596a783b1cf200f1e
tree37a3c65699b744eb9af7d30a2639f0e565a995fatree | snapshot
parent628f93c2695399ebd72c19db70c875dfa8d622ebcommit | diff
Fix GOST skip certificate verify handling.

GOST skip certificate verify handling got broken in r1.132 of s3_srvr.c
circa 2016. Prior to this, ssl3_get_client_key_exchange() returned an
'extra special' value to indicate that the state machine should skip
certificate verify. Fix this by setting and checking the
TLS1_FLAGS_SKIP_CERT_VERIFY flag, which is the same as is done in the
client.

ok inoguchi@ tb@
lib/libssl/ssl_srvr.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim