components/proftpd/patches/mod_tls_self_signed.patch
branchs11u1-sru
changeset 2734 d23b6301c400
parent 2719 8a85b880d7f1
child 2735 38548c092c06
--- a/components/proftpd/patches/mod_tls_self_signed.patch	Wed Aug 07 01:14:19 2013 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
---- a/contrib/mod_tls.c
-+++ b/contrib/mod_tls.c
-@@ -3962,6 +3962,7 @@ static int tls_verify_cb(int ok, X509_STORE_CTX *ctx) {
-       case X509_V_ERR_CERT_HAS_EXPIRED:
-       case X509_V_ERR_CERT_REVOKED:
-       case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-+      case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
-       case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-       case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-       case X509_V_ERR_APPLICATION_VERIFICATION:
-@@ -3986,17 +3987,6 @@ static int tls_verify_cb(int ok, X509_STORE_CTX *ctx) {
-         break;
-       }
- 
--      case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
--        /* XXX this is strange. we get this error for certain clients
--         * (i.e. Jeff Altman's kftp) when all is ok. I think it's because the
--         * client is actually sending the whole CA cert. This must be figured
--         * out, but we let it pass for now. If the CA cert isn't available
--         * locally, we will fail anyway.
--         */
--        tls_log("%s", X509_verify_cert_error_string(ctx->error));
--        ok = 1;
--        break;
--
-       default:
-         tls_log("error verifying client certificate: [%d] %s",
-           ctx->error, X509_verify_cert_error_string(ctx->error));
-
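Review bot: Deleting this patch removes the local hardening of `tls_verify_cb` that took `X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN` out of the branch ending in `ok = 1` and placed it beside `X509_V_ERR_CERT_HAS_EXPIRED` and `X509_V_ERR_CERT_REVOKED`. Nothing visible in this changeset shows that the proftpd source now being built already carries that change. If it does not, a client certificate chain containing a self-signed certificate would again pass verification with only a `tls_log` line, which matters wherever client certificates are used for authentication. The commit description should record where the fix now lives, for example `mod_tls_self_signed.patch dropped: fixed upstream in <UPSTREAM_VERSION_OR_COMMIT>`. The component's test notes should also confirm that such a chain is still rejected after the patch is removed.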