openwrt/upstream - upstream openwrt

diff options

author	Petr Štetiar <ynezz@true.cz>	2022-02-22 20:00:28 +0100
committer	Petr Štetiar <ynezz@true.cz>	2022-02-22 20:29:39 +0100
commit	b99d7aecc83fd180f7a3c3efaae00845e7a73129 (patch)
tree	1fa6e81c0aa49a01a877a0f854c897f486fce67f /package/system/ca-certificates
parent	7612ecb201eebd0b273aa9225539fd45d538a1db (diff)
download	upstream-b99d7aecc83fd180f7a3c3efaae00845e7a73129.tar.gz upstream-b99d7aecc83fd180f7a3c3efaae00845e7a73129.tar.bz2 upstream-b99d7aecc83fd180f7a3c3efaae00845e7a73129.zip

wolfssl: fix API breakage of SSL_get_verify_result

Backport fix for API breakage of SSL_get_verify_result() introduced in v5.1.1-stable. In v4.8.1-stable SSL_get_verify_result() used to return X509_V_OK when used on LE powered sites or other sites utilizing relaxed/alternative cert chain validation feature. After an update to v5.1.1-stable that API calls started returning X509_V_ERR_INVALID_CA error and thus rendered all such connection attempts imposible: $ docker run -it openwrt/rootfs:x86_64-21.02.2 sh -c "wget https://letsencrypt.org" Downloading 'https://letsencrypt.org' Connecting to 18.159.128.50:443 Connection error: Invalid SSL certificate Fixes: #9283 References: https://github.com/wolfSSL/wolfssl/issues/4879 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit b9251e3b407592f3114e739231088c3d27663c4c)

Diffstat (limited to 'package/system/ca-certificates')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: