This is an automated email from the ASF dual-hosted git repository.
dsoumis pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new c848b1b5ac Make what we are expecting as errnum more obvious
c848b1b5ac is described below
commit c848b1b5acaa6cde2abb5f80dfce2f5f5ba30188
Author: Dimitris Soumis <[email protected]>
AuthorDate: Fri Oct 10 12:53:56 2025 +0300
Make what we are expecting as errnum more obvious
---
java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index ca3d7c980b..b1ca5081a2 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -1174,7 +1174,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
X509_STORE_CTX_set_error(x509ctx,
X509_V_ERR_CERT_REVOKED());
} else if (ocspResponse == V_OCSP_CERTSTATUS_UNKNOWN()) {
errnum = X509_STORE_CTX_get_error(x509ctx);
- if (errnum == X509_V_ERR_APPLICATION_VERIFICATION() ||
errnum < 0) {
+ if (errnum != X509_V_ERR_UNABLE_TO_GET_CRL() &&
(errnum == X509_V_ERR_APPLICATION_VERIFICATION() || errnum != 0)) {
ok = 0;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
