From 8de4143d6c7ece972e3dc74b63caa2c0b1b0056b Mon Sep 17 00:00:00 2001
From: luwenpeng <luwenpeng@zdjizhi.com>
Date: Sun, 27 Sep 2020 18:42:45 +0800
Subject: [PATCH] =?UTF-8?q?TSG-3438=20=E4=B8=AD=E9=97=B4=E8=AF=81=E4=B9=A6?=
 =?UTF-8?q?=E7=BC=93=E5=AD=98=E5=88=A4=E5=AE=9A=E6=9D=A1=E4=BB=B6=E4=B8=8D?=
 =?UTF-8?q?=E5=AE=8C=E5=96=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 platform/src/ssl_trusted_cert_storage.cpp | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/platform/src/ssl_trusted_cert_storage.cpp b/platform/src/ssl_trusted_cert_storage.cpp
index d9ff4fe..f751579 100644
--- a/platform/src/ssl_trusted_cert_storage.cpp
+++ b/platform/src/ssl_trusted_cert_storage.cpp
@@ -333,6 +333,7 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 			ret=1;	//host match is verfied via X509_check_host
 			break;
 		default:
+			param->real_untrust |= 0x10;
 			ret=0;
 			break;
 	}
@@ -416,15 +417,16 @@ int ssl_trusted_cert_storage_verify_conn(struct ssl_trusted_cert_storage* storag
 	}
 
 	TFE_LOG_DEBUG(g_default_logger,
-		"sni:%s, cet_real_untrust:%d, verify_host_fail:%d, verify_issure_fail:%d, verify_self_signed_fail:%d, verify_expiry_date_fail:%d",
+		"sni:%s, cet_real_untrust:%d, verify_host_fail:%d, verify_issure_fail:%d, verify_self_signed_fail:%d, verify_expiry_date_fail:%d, verify_other_fail:%d",
 		(hostname ? hostname : "NULL"),
-		((param->real_untrust & 0x0f) ? 1 : 0),
+		((param->real_untrust & 0xff) ? 1 : 0),
 		((param->real_untrust & 0x01) ? 1 : 0),
 		((param->real_untrust & 0x02) ? 1 : 0),
 		((param->real_untrust & 0x04) ? 1 : 0),
-		((param->real_untrust & 0x08) ? 1 : 0));
+		((param->real_untrust & 0x08) ? 1 : 0),
+		((param->real_untrust & 0x10) ? 1 : 0));
 
-	// case cert verify success 
+    // case cert verify success 
 	if (param->real_untrust == 0) {
 		ssl_fetch_trusted_cert_from_chain(cert_chain, storage->effective_store, hostname);
 	}