projects / project / ustream-ssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 77de09f) | patch
ustream-ssl: mbedtls: fix ssl client verification
authorDaniel Danzberger <daniel@dd-wrt.com>
Sun, 8 Dec 2019 20:14:08 +0000 (21:14 +0100)
committerHauke Mehrtens <hauke@hauke-m.de>
Sun, 5 Jan 2020 16:23:11 +0000 (17:23 +0100)
commit30cebb4fc78e49e0432a404f7c9dd8c9a93b3cc3
treee582995436d1ab354ddd04eb8ebdc930d4b31b17tree | snapshot
parent77de09f381188eba3ada542c18898e7bc59e3e43commit | diff
ustream-ssl: mbedtls: fix ssl client verification

The ustream_ssl_update_own_cert() function should, like the name suggests, only
update the local ssl peer's own certificate and not the any of the CA's.

By overwriting the CA's certifcates when setting the own certificate, the code
broke SSL client verification.

This bug was only triggerd when:
 ustream_ssl_context_set_crt_file()
was called after
 ustream_ssl_context_add_ca_crt_file()

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
ustream-mbedtls.c diff | blob | history
ustream SSL wrapper