diff options
author | Petr Štetiar <ynezz@true.cz> | 2022-02-22 20:00:28 +0100 |
---|---|---|
committer | Petr Štetiar <ynezz@true.cz> | 2022-02-22 20:27:15 +0100 |
commit | b9251e3b407592f3114e739231088c3d27663c4c (patch) | |
tree | 89022f138162f2034a4cb893198514ccf6801542 /package/libs/libiconv-full | |
parent | 9e6a71e86d5707db3ca3248a09f735cbd07c0a4c (diff) | |
download | upstream-b9251e3b407592f3114e739231088c3d27663c4c.tar.gz upstream-b9251e3b407592f3114e739231088c3d27663c4c.tar.bz2 upstream-b9251e3b407592f3114e739231088c3d27663c4c.zip |
wolfssl: fix API breakage of SSL_get_verify_result
Backport fix for API breakage of SSL_get_verify_result() introduced in
v5.1.1-stable. In v4.8.1-stable SSL_get_verify_result() used to return
X509_V_OK when used on LE powered sites or other sites utilizing
relaxed/alternative cert chain validation feature. After an update to
v5.1.1-stable that API calls started returning X509_V_ERR_INVALID_CA
error and thus rendered all such connection attempts imposible:
$ docker run -it openwrt/rootfs:x86_64-21.02.2 sh -c "wget https://letsencrypt.org"
Downloading 'https://letsencrypt.org'
Connecting to 18.159.128.50:443
Connection error: Invalid SSL certificate
Fixes: #9283
References: https://github.com/wolfSSL/wolfssl/issues/4879
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Diffstat (limited to 'package/libs/libiconv-full')
0 files changed, 0 insertions, 0 deletions