Changeset b324906 in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Feb 16, 2015, 11:17:07 AM (5 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
10b3370
Parents:
b429e4c (diff), eea8a16 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merge branch 'client-verify-fix' into tls-proxy

Most importantly, this includes the patch for broken TLS client auth
(verification results were ignored). The merged branch also includes the
improved test suite.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    rb429e4c rb324906  
    992992        }
    993993        rv = mgs_cert_verify(r, ctxt);
    994         if (rv != DECLINED &&
    995                 (rv != HTTP_FORBIDDEN ||
    996                 dc->client_verify_mode == GNUTLS_CERT_REQUIRE)) {
     994        if (rv != DECLINED
     995            && (rv != HTTP_FORBIDDEN
     996                || dc->client_verify_mode == GNUTLS_CERT_REQUIRE
     997                || (dc->client_verify_mode == -1
     998                    && ctxt->sc->client_verify_mode == GNUTLS_CERT_REQUIRE)))
     999        {
    9971000            return rv;
    9981001        }
Note: See TracChangeset for help on using the changeset viewer.