mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-09 00:00:04 +01:00
verify_mode should match to auth_mode
SSL_VERIFY_PEER->MBEDTLS_SSL_VERIFY_REQUIRED SSL_VERIFY_FAIL_IF_NO_PEER_CERT->MBEDTLS_SSL_VERIFY_OPTIONAL
This commit is contained in:
parent
7cd240f30f
commit
90c04d12af
1 changed files with 3 additions and 3 deletions
|
@ -255,10 +255,10 @@ static int ssl_pm_reload_crt(SSL *ssl)
|
|||
struct pkey_pm *pkey_pm = (struct pkey_pm *)ssl->cert->pkey->pkey_pm;
|
||||
struct x509_pm *crt_pm = (struct x509_pm *)ssl->cert->x509->x509_pm;
|
||||
|
||||
if (ssl->verify_mode == SSL_VERIFY_PEER)
|
||||
mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
|
||||
else if (ssl->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
|
||||
if ((ssl->verify_mode & SSL_VERIFY_PEER) > 0)
|
||||
mode = MBEDTLS_SSL_VERIFY_REQUIRED;
|
||||
else if ((ssl->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) > 0)
|
||||
mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
|
||||
else if (ssl->verify_mode == SSL_VERIFY_CLIENT_ONCE)
|
||||
mode = MBEDTLS_SSL_VERIFY_UNSET;
|
||||
else
|
||||
|
|
Loading…
Add table
Reference in a new issue