eukara
/
WebSurf
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fetch_curl_verify_callback: Do depth update after check 

Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
This commit is contained in:
Daniel Silverstone 2019-12-03 09:35:51 +00:00
parent f1e6690b25
commit 24dd16ddff
No known key found for this signature in database
GPG Key ID: C30DF439F2987D74
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
content/fetchers/curl.c
View File

@ -662,11 +662,6 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx)
depth = X509_STORE_CTX_get_error_depth(x509_ctx);
fetch = X509_STORE_CTX_get_app_data(x509_ctx);
/* record the max depth */
if (depth > fetch->cert_depth) {
fetch->cert_depth = depth;
}
/* certificate chain is excessively deep so fail verification */
if (depth >= MAX_SSL_CERTS) {
X509_STORE_CTX_set_error(x509_ctx,
@ -674,6 +669,11 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx)
return 0;
}
/* record the max depth */
if (depth > fetch->cert_depth) {
fetch->cert_depth = depth;
}
/* save the certificate by incrementing the reference count and
* keeping a pointer.
*/