Signed-off-by: Felix Fietkau <nbd@openwrt.org>
+ ctx->auth = SSL_VERIFY_NONE;
ctx->server = server;
#ifdef USE_VERSION_1_3
pk_init(&ctx->key);
ctx->server = server;
#ifdef USE_VERSION_1_3
pk_init(&ctx->key);
+ if (!ctx->server)
+ ctx->auth = SSL_VERIFY_OPTIONAL;
+
__hidden void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx)
{
ssl_context *ssl;
__hidden void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx)
{
ssl_context *ssl;
ssl = calloc(1, sizeof(ssl_context));
if (!ssl)
ssl = calloc(1, sizeof(ssl_context));
if (!ssl)
- auth = SSL_VERIFY_NONE;
- } else {
- auth = SSL_VERIFY_OPTIONAL;
- }
ssl_set_ciphersuites(ssl, default_ciphersuites);
ssl_set_endpoint(ssl, ep);
ssl_set_ciphersuites(ssl, default_ciphersuites);
ssl_set_endpoint(ssl, ep);
- ssl_set_authmode(ssl, auth);
+ ssl_set_authmode(ssl, ctx->auth);
ssl_set_rng(ssl, _urandom, NULL);
if (ctx->server) {
ssl_set_rng(ssl, _urandom, NULL);
if (ctx->server) {
rsa_context key;
#endif
x509_crt cert;
rsa_context key;
#endif
x509_crt cert;