Changeset 1c90c18 in mod_gnutls


Ignore:
Timestamp:
Jun 30, 2009, 2:37:28 PM (10 years ago)
Author:
Nokis Mavrogiannopoulos <nmav@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, msva, upstream
Children:
c38a4e9
Parents:
377a900
git-author:
Nikos Mavrogiannopoulos <nmav@…> (06/30/09 14:37:28)
git-committer:
Nokis Mavrogiannopoulos <nmav@…> (06/30/09 14:37:28)
Message:

Applied patch by AlainKnaff? to correctly verify certificates per directory. Patch by AlainKnaff?.
Solves: http://issues.outoforder.cc/view.php?id=93

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r377a900 r1c90c18  
    124124
    125125    gnutls_certificate_server_set_request(session,
    126                                           ctxt->sc->client_verify_mode);
     126                                              ctxt->sc->client_verify_mode);
    127127
    128128    /* set the new server credentials
     
    820820                          "GnuTLS: Peer is set to IGNORE");
    821821#endif
    822         } else {
    823             rv = mgs_cert_verify(r, ctxt);
    824             if (rv != DECLINED) {
    825                 return rv;
    826             }
     822            return DECLINED;
     823        }
     824        rv = mgs_cert_verify(r, ctxt);
     825        if (rv != DECLINED &&
     826            (rv != HTTP_FORBIDDEN ||
     827             dc->client_verify_mode == GNUTLS_CERT_REQUIRE)) {
     828            return rv;
    827829        }
    828830    }
Note: See TracChangeset for help on using the changeset viewer.