增加证书校验开关覆盖范围，在关闭issuer校验时，使https://untrusted-root.badssl.com/校验通过。

2019-06-08 14:43:51 +08:00
parent e7438649d1
commit c15f96401c
1 changed files with 2 additions and 0 deletions
--- a/platform/src/ssl_trusted_cert_storage.cpp
+++ b/platform/src/ssl_trusted_cert_storage.cpp
@@ -291,11 +291,13 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 	switch(err)
 	{
 		case	X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+		case	X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
 			if(param->no_verify_issuer)
 			{
 				ret=1;
 			}
 			break;
+		case	X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
 		case	X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
 			if(param->no_verify_self_signed)
 			{