Fix client verify mode to check SSL_VERIFY_PEER (c636c1c4) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Commit c636c1c4 authored Apr 02, 2016 by

Viktor Dukhovni

Fix client verify mode to check SSL_VERIFY_PEER



The original check for != SSL_VERIFY_NONE can give surprising results
when flags SSL_VERIFY_PEER is not set, but other flags are.  Note
that SSL_VERIFY_NONE (0) is not a flag bit, it is rather the absense
of all other flag bits.

Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

parent 6afef8b1

Hide whitespace changes

Inline Side-by-side

Please register or to comment