]> git.ipfire.org Git - thirdparty/unbound.git/commit
For incoming ssl context with verifypem != NULL, we can set
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Fri, 28 Feb 2020 10:10:12 +0000 (11:10 +0100)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Fri, 28 Feb 2020 10:10:12 +0000 (11:10 +0100)
commite13dfc743d6864cff6ae909cbc1026b1b666c888
tree464071a0457a1b77b35a6906a9357e06e814f5db
parentd5544a0f13e25de9d1f62bcfe0926216788f5f94
For incoming ssl context with verifypem != NULL, we can set
SSL_VERIFY_FAIL_IF_NO_PEER_CERT that can reject client
connections without peer cert during the handshake, which is nicer
than just a connection drop to the client (when we then check
for no peer certificate afterwards).
util/net_help.c