Commit 8363656c authored by Alessandro Ghedini's avatar Alessandro Ghedini Committed by Daniel Stenberg
Browse files

openssl: handle lack of server cert when strict checking disabled 

If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
doesn't present a certificate at all.

Closes #392
parent 38ef1b3e

lib/vtls/openssl.c

+4 −2
Original line number Diff line number Diff line
@@ -2644,7 +2644,9 @@ static CURLcode servercert(struct connectdata *conn, 


  connssl->server_cert = SSL_get_peer_certificate(connssl->handle);

  if(!connssl->server_cert) {

    if(strict)

    if(!strict)

      return CURLE_OK;



    failf(data, "SSL: couldn't get peer certificate!");

    return CURLE_PEER_FAILED_VERIFICATION;

  }