CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2017/01/03 10:13:41
Modified files:
lib/libtls : tls.c
Log message:
Revert previous - the original code was correct since X509_verify_cert()
should not have changed the X509_STORE_CTX error value on success and it
was initialised to X509_V_OK by X509_STORE_CTX_init(). Other software also
depends on this behaviour.
Previously X509_verify_cert() was mishandling the X509_STORE_CTX error
value when validating alternate chains. This has been fixed and further
changes now explicitly ensure that the error value will be set to X509_V_OK
if X509_verify_cert() returns success.
