Overview
Comment: | Disabled checking the client certificate and aborting if not found |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | wip-fix-io-layer |
Files: | files | file ages | folders |
SHA1: |
916215af0a7034c60f77d0d46f2a9f11 |
User & Date: | rkeene on 2016-12-12 01:56:01 |
Other Links: | branch diff | manifest | tags |
Context
2016-12-12
| ||
22:29 | Merged in trunk check-in: 77c3091474 user: rkeene tags: wip-fix-io-layer | |
01:56 | Disabled checking the client certificate and aborting if not found check-in: 916215af0a user: rkeene tags: wip-fix-io-layer | |
01:51 | Made I/O test more useful when debugging is on and updated to deal with newer versions of OpenSSL check-in: 270ffbbc3e user: rkeene tags: wip-fix-io-layer | |
Changes
Modified tlsIO.c
from [38a7baa9a1]
to [0f85acc9f6].
︙ | ︙ | |||
851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 | default: dprintf("We got a confusing reply: %i", rc); *errorCodePtr = Tcl_GetErrno(); dprintf("ERR(%d, %d) ", rc, *errorCodePtr); return(-1); } if (statePtr->flags & TLS_TCL_SERVER) { dprintf("This is an TLS server, checking the certificate for the peer"); err = SSL_get_verify_result(statePtr->ssl); if (err != X509_V_OK) { dprintf("Invalid certificate, returning in failure"); Tls_Error(statePtr, (char *)X509_verify_cert_error_string(err)); statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED; *errorCodePtr = ECONNABORTED; return(-1); } } dprintf("Removing the \"TLS_TCL_INIT\" flag since we have completed the handshake"); statePtr->flags &= ~TLS_TCL_INIT; dprintf("Returning in success"); *errorCodePtr = 0; | > > | 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 | default: dprintf("We got a confusing reply: %i", rc); *errorCodePtr = Tcl_GetErrno(); dprintf("ERR(%d, %d) ", rc, *errorCodePtr); return(-1); } #if 0 if (statePtr->flags & TLS_TCL_SERVER) { dprintf("This is an TLS server, checking the certificate for the peer"); err = SSL_get_verify_result(statePtr->ssl); if (err != X509_V_OK) { dprintf("Invalid certificate, returning in failure"); Tls_Error(statePtr, (char *)X509_verify_cert_error_string(err)); statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED; *errorCodePtr = ECONNABORTED; return(-1); } } #endif dprintf("Removing the \"TLS_TCL_INIT\" flag since we have completed the handshake"); statePtr->flags &= ~TLS_TCL_INIT; dprintf("Returning in success"); *errorCodePtr = 0; |
︙ | ︙ |