]> git.ipfire.org Git - thirdparty/curl.git/commitdiff
projects / thirdparty / curl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ca789e0)
apple sectrust: check correct result on old OS versions
authorStefan Eissing <stefan@eissing.org>
Wed, 8 Oct 2025 09:56:09 +0000 (11:56 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Wed, 8 Oct 2025 21:16:50 +0000 (23:16 +0200)
On ancient Apple OS versions where SecTrustEvaluateWithError() is not
available, the deprected SecTrustEvaluate() is used. In that code
branch, the code checked the wong variable for the verified result.

Closes #18929

lib/vtls/apple.c patch | blob | blame | history

diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c
index b565c8f031e1a155330b9603e2338c93db5c364e..c96ebe037bc684b302bab6f8cec928dd65f4f699 100644 (file)
--- a/lib/vtls/apple.c
+++ b/lib/vtls/apple.c
@@ -267,8 +267,8 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
     if(status != noErr) {
       failf(data, "Apple SecTrust verification failed: error %i", (int)status);
     }
-    else if((status == kSecTrustResultUnspecified) ||
-            (status == kSecTrustResultProceed)) {
+    else if((sec_result == kSecTrustResultUnspecified) ||
+            (sec_result == kSecTrustResultProceed)) {
       /* "unspecified" means system-trusted with no explicit user setting */
       result = CURLE_OK;
     }
Mirror of https://github.com/curl/curl.git