gvsafronov/futriix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TLS: Ignore client cert when tls-auth-clients off. (#7457)

Browse Source 
(cherry picked from commit 5266293a0fdee57fe6bb8a408a2e2ff0c66f0259)
This commit is contained in:
Yossi Gottlieb 2020-07-10 10:32:21 +03:00 committed by Oran Agra
parent 2d3687655b
commit 6f1e828454
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/tls.c
View File

@ -337,9 +337,7 @@ connection *connCreateAcceptedTLS(int fd, int require_auth) {
conn->c.state = CONN_STATE_ACCEPTING; conn->c.state = CONN_STATE_ACCEPTING;
if (!require_auth) { if (!require_auth) {
/* We still verify certificates if provided, but don't require them. SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL);
*/
SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, NULL);
} }
SSL_set_fd(conn->ssl, conn->c.fd); SSL_set_fd(conn->ssl, conn->c.fd);