diff options
| author | Adriaan de Jong <dejong@fox-it.com> | 2011-08-03 20:43:08 +0200 |
|---|---|---|
| committer | David Sommerseth <davids@redhat.com> | 2011-10-22 18:02:09 +0200 |
| commit | 4ce976fb280fc279fc2f9e6478ca55716cf3d081 (patch) | |
| tree | 6bd722cf1542aef0679639f7f8403b52595cb051 /ssl_verify_openssl.c | |
| parent | b26341cdb7e58a00c0d2ab5e5b1e3ad59c0a60b7 (diff) | |
| download | openvpn-4ce976fb280fc279fc2f9e6478ca55716cf3d081.tar.gz openvpn-4ce976fb280fc279fc2f9e6478ca55716cf3d081.tar.xz openvpn-4ce976fb280fc279fc2f9e6478ca55716cf3d081.zip | |
Fixed a bug in the return value of ssl_verify when pre_verify failed
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'ssl_verify_openssl.c')
| -rw-r--r-- | ssl_verify_openssl.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ssl_verify_openssl.c b/ssl_verify_openssl.c index a8e2e49..3896417 100644 --- a/ssl_verify_openssl.c +++ b/ssl_verify_openssl.c @@ -69,10 +69,12 @@ verify_callback (int preverify_ok, X509_STORE_CTX * ctx) session->verified = false; - return 1; + return 0; } - return verify_cert(session, ctx->current_cert, ctx->error_depth); + if (SUCCESS == verify_cert(session, ctx->current_cert, ctx->error_depth)) + return 1; + return 0; } #ifdef ENABLE_X509ALTUSERNAME |