diff options
Diffstat (limited to 'src/openssl/x509vfy.c')
-rw-r--r-- | src/openssl/x509vfy.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/openssl/x509vfy.c b/src/openssl/x509vfy.c index 2e54f136..a6200773 100644 --- a/src/openssl/x509vfy.c +++ b/src/openssl/x509vfy.c @@ -331,6 +331,11 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509* err = X509_STORE_CTX_get_error(xsc); X509_STORE_CTX_cleanup (xsc); + if(ret != 1 && keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN){ + ret = 1; + keyInfoCtx->flags2 |= XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN; + } + if(ret == 1) { res = cert; |