mirror of https://github.com/moparisthebest/curl
CURLINFO_SSL_VERIFYRESULT: assign at first connect call
The variable wasn't assigned at all until step3 which would lead to a failed connect never assigning the variable and thus returning a bad value. Reported-by: Larry Lin Bug: http://curl.haxx.se/mail/lib-2014-04/0203.html
This commit is contained in:
parent
84bd19ffd4
commit
53a5b95c21
|
@ -1501,6 +1501,8 @@ ossl_connect_step1(struct connectdata *conn,
|
||||||
/* Make funny stuff to get random input */
|
/* Make funny stuff to get random input */
|
||||||
Curl_ossl_seed(data);
|
Curl_ossl_seed(data);
|
||||||
|
|
||||||
|
data->set.ssl.certverifyresult = !X509_V_OK;
|
||||||
|
|
||||||
/* check to see if we've been told to use an explicit SSL/TLS version */
|
/* check to see if we've been told to use an explicit SSL/TLS version */
|
||||||
|
|
||||||
switch(data->set.ssl.version) {
|
switch(data->set.ssl.version) {
|
||||||
|
@ -2363,8 +2365,6 @@ static CURLcode servercert(struct connectdata *conn,
|
||||||
/* we've been asked to gather certificate info! */
|
/* we've been asked to gather certificate info! */
|
||||||
(void)get_cert_chain(conn, connssl);
|
(void)get_cert_chain(conn, connssl);
|
||||||
|
|
||||||
data->set.ssl.certverifyresult = !X509_V_OK;
|
|
||||||
|
|
||||||
connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
|
connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
|
||||||
if(!connssl->server_cert) {
|
if(!connssl->server_cert) {
|
||||||
if(strict)
|
if(strict)
|
||||||
|
|
Loading…
Reference in New Issue