kapitan/IXWebSocket
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

(openssl) Always set verify peer when it is not disabled (#250)

Browse Source
This commit is contained in:
jb-gcx 2020-11-11 18:12:39 +01:00 committed by GitHub
parent 51ec32405d
commit 422febf15d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ixwebsocket/IXSocketOpenSSL.cpp
View File

@ -503,6 +503,8 @@ namespace ix
errMsg += ERR_error_string(sslErr, nullptr); errMsg += ERR_error_string(sslErr, nullptr);
return false; return false;
} }
}
}
SSL_CTX_set_verify( SSL_CTX_set_verify(
_ssl_context, SSL_VERIFY_PEER, [](int preverify, X509_STORE_CTX*) -> int { _ssl_context, SSL_VERIFY_PEER, [](int preverify, X509_STORE_CTX*) -> int {
@ -510,8 +512,6 @@ namespace ix
}); });
SSL_CTX_set_verify_depth(_ssl_context, 4); SSL_CTX_set_verify_depth(_ssl_context, 4);
} }
}
}
else else
{ {
SSL_CTX_set_verify(_ssl_context, SSL_VERIFY_NONE, nullptr); SSL_CTX_set_verify(_ssl_context, SSL_VERIFY_NONE, nullptr);