Context Navigation

r792a93b	r200e151
37	37	/* Some generic error codes. Especially SSL_AGAIN is important if you
38	38	want to do asynchronous I/O. */
39		~~#define NSS_VERIFY_ERROR -2~~
40		~~#define OPENSSL_VERIFY_ERROR -1~~
41	39	#define SSL_OK 0
42	40	#define SSL_NOHANDSHAKE 1

lib/ssl_nss.c

-                      r792a93b
+                      r200e151
         conn->func = func;
         conn->data = data;
         conn->verify = verify;
+        conn->verify = verify && global.conf->cafile;
         /* This function should be called via a (short) timeout instead of
 …
         struct scd *conn = data;
+        /* Right now we don't have any verification functionality for nss so we
+           fail in case verification has been requested by the user. */
+        /* Right now we don't have any verification functionality for NSS. */
         if( conn->verify )
+        {
                 conn->func( conn->data, NSS_VERIFY_ERROR, NULL, cond );
+                conn->func( conn->data, 1, NULL, cond );
                 if( source >= 0 ) closesocket( source );
                 g_free( conn );

-                      r792a93b
+                      r200e151
         conn->data = data;
         conn->inpa = -1;
         conn->verify = verify;
+        conn->verify = verify && global.conf->cafile;
         /* This function should be called via a (short) timeout instead of
 …
         SSL_METHOD *meth;
+        /* Right now we don't have any verification functionality for openssl so we
+           fail in case verification has been requested by the user. */
+        /* Right now we don't have any verification functionality for OpenSSL. */
         if( conn->verify )
+        {
                 conn->func( conn->data, OPENSSL_VERIFY_ERROR, NULL, cond );
+                conn->func( conn->data, 1, NULL, cond );
                 if( source >= 0 ) closesocket( source );
                 g_free( conn );

Note: See TracChangeset for help on using the changeset viewer.