Commit c75a9fef authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

axtls_connect: allow connect without peer verification 

The SSL_SERVER_VERIFY_LATER bit in the ssl_ctx_new() call allows the
code to verify the peer certificate explicitly after the handshake and
then the "data->set.ssl.verifypeer" option works.
parent 9035709e

lib/axtls.c

+1 −1
Original line number Diff line number Diff line
@@ -156,7 +156,7 @@ Curl_axtls_connect(struct connectdata *conn, 
  const char *x509;



  /* Assuming users will not compile in custom key/cert to axTLS */

  uint32_t client_option = SSL_NO_DEFAULT_KEY;

  uint32_t client_option = SSL_NO_DEFAULT_KEY|SSL_SERVER_VERIFY_LATER;



  if(conn->ssl[sockindex].state == ssl_connection_complete)

    /* to make us tolerant against being called more than once for the