require peer verification when verify is called

author discomfitor <discomfitor@7cbeb6ba-43b4-40fd-8cce-4c39aea84d33>

Sat, 2 Oct 2010 22:01:43 +0000 (22:01 +0000)

committer discomfitor <discomfitor@7cbeb6ba-43b4-40fd-8cce-4c39aea84d33>

Sat, 2 Oct 2010 22:01:43 +0000 (22:01 +0000)
author discomfitor <discomfitor@7cbeb6ba-43b4-40fd-8cce-4c39aea84d33>
Sat, 2 Oct 2010 22:01:43 +0000 (22:01 +0000)
committer discomfitor <discomfitor@7cbeb6ba-43b4-40fd-8cce-4c39aea84d33>
Sat, 2 Oct 2010 22:01:43 +0000 (22:01 +0000)
diff --git a/src/lib/ecore_con/ecore_con_ssl.c b/src/lib/ecore_con/ecore_con_ssl.c

index 12a763b..767a62b 100644 (file)
--- a/src/lib/ecore_con/ecore_con_ssl.c
+++ b/src/lib/ecore_con/ecore_con_ssl.c
@@ -971,14 +971,9 @@ _ecore_con_ssl_server_prepare_openssl(Ecore_Con_Server *svr, int ssl_type)
     else if (!svr->use_cert)
       SSL_ERROR_CHECK_GOTO_ERROR(!SSL_CTX_set_cipher_list(svr->ssl_ctx, "aNULL:!eNULL:!LOW:!EXPORT:!ECDH:RSA:AES:!PSK:@STRENGTH"));
  
-   {
-      X509_STORE *xs;
-
-      xs = SSL_CTX_get_cert_store(svr->ssl_ctx);
-      X509_STORE_set_flags(xs, X509_V_FLAG_CB_ISSUER_CHECK);
-   }
+   SSL_CTX_set_verify(svr->ssl_ctx, SSL_VERIFY_PEER, NULL);
  
-     return ECORE_CON_SSL_ERROR_NONE;
+   return ECORE_CON_SSL_ERROR_NONE;
  
  error:
     if (dh)
author	discomfitor <discomfitor@7cbeb6ba-43b4-40fd-8cce-4c39aea84d33>
	Sat, 2 Oct 2010 22:01:43 +0000 (22:01 +0000)
committer	discomfitor <discomfitor@7cbeb6ba-43b4-40fd-8cce-4c39aea84d33>
	Sat, 2 Oct 2010 22:01:43 +0000 (22:01 +0000)