sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#55283 verify "zero" DTLS cert

Browse Source 
... instead of "current" if available

closes #1771

Change-Id: Id1b742b2446d4d59b3de251a1d1a5dcbed86834a
(cherry picked from commit 8fba68f2c9)
mr10.5.7
Richard Fuchs 2 years ago
parent 7e11cb7ae8
commit 9e62aee968
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File

8
daemon/dtls.c
Unescape View File

@ -501,7 +501,13 @@ static int verify_callback(int ok, X509_STORE_CTX *store) {
if (ps->dtls_cert)
X509_free(ps->dtls_cert);
ps->dtls_cert = X509_dup(X509_STORE_CTX_get_current_cert(store));
ps->dtls_cert = NULL;
X509 *cert = X509_STORE_CTX_get0_cert(store);
if (!cert)
cert = X509_STORE_CTX_get_current_cert(store);
if (!cert)
return 0;
ps->dtls_cert = X509_dup(cert);
if (!media->fingerprint.hash_func || !media->fingerprint.digest_len)
return 1; /* delay verification */

Write Preview
Loading…
Cancel
Save