Skip to content

Commit

Permalink
MT#55283 verify "zero" DTLS cert
Browse files Browse the repository at this point in the history 
... instead of "current" if available

closes #1771

Change-Id: Id1b742b2446d4d59b3de251a1d1a5dcbed86834a
(cherry picked from commit 8fba68f)
  • Loading branch information
@rfuchs
rfuchs committed Dec 15, 2023
1 parent eaa5d6a commit 3f22649
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion daemon/dtls.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -418,7 +418,13 @@ static int verify_callback(int ok, X509_STORE_CTX *store) {

if (ps->dtls_cert)
X509_free(ps->dtls_cert);
ps->dtls_cert = X509_dup(X509_STORE_CTX_get_current_cert(store));
ps->dtls_cert = NULL;
X509 *cert = X509_STORE_CTX_get0_cert(store);
if (!cert)
cert = X509_STORE_CTX_get_current_cert(store);
if (!cert)
return 0;
ps->dtls_cert = X509_dup(cert);

if (!media->fingerprint.hash_func)
return 1; /* delay verification */
Expand Down

0 comments on commit 3f22649

Please sign in to comment.