File tree 2 files changed +9
-7
lines changed
2 files changed +9
-7
lines changed Original file line number Diff line number Diff line change @@ -95,6 +95,7 @@ __ustream_ssl_context_new(bool server)
9595 if (!ctx )
9696 return NULL ;
9797
98+ ctx -> auth = SSL_VERIFY_NONE ;
9899 ctx -> server = server ;
99100#ifdef USE_VERSION_1_3
100101 pk_init (& ctx -> key );
@@ -117,6 +118,9 @@ __hidden int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char
117118 if (ret )
118119 return -1 ;
119120
121+ if (!ctx -> server )
122+ ctx -> auth = SSL_VERIFY_OPTIONAL ;
123+
120124 return 0 ;
121125}
122126
@@ -256,7 +260,7 @@ static const int default_ciphersuites[] =
256260__hidden void * __ustream_ssl_session_new (struct ustream_ssl_ctx * ctx )
257261{
258262 ssl_context * ssl ;
259- int ep , auth ;
263+ int ep ;
260264
261265 ssl = calloc (1 , sizeof (ssl_context ));
262266 if (!ssl )
@@ -267,17 +271,14 @@ __hidden void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx)
267271 return NULL ;
268272 }
269273
270- if (ctx -> server ) {
274+ if (ctx -> server )
271275 ep = SSL_IS_SERVER ;
272- auth = SSL_VERIFY_NONE ;
273- } else {
276+ else
274277 ep = SSL_IS_CLIENT ;
275- auth = SSL_VERIFY_OPTIONAL ;
276- }
277278
278279 ssl_set_ciphersuites (ssl , default_ciphersuites );
279280 ssl_set_endpoint (ssl , ep );
280- ssl_set_authmode (ssl , auth );
281+ ssl_set_authmode (ssl , ctx -> auth );
281282 ssl_set_rng (ssl , _urandom , NULL );
282283
283284 if (ctx -> server ) {
Original file line number Diff line number Diff line change @@ -40,6 +40,7 @@ struct ustream_ssl_ctx {
4040 rsa_context key ;
4141#endif
4242 x509_crt cert ;
43+ int auth ;
4344 bool server ;
4445};
4546
You can’t perform that action at this time.
0 commit comments