diff options
Diffstat (limited to 'src/openssl/x509vfy.c')
-rw-r--r-- | src/openssl/x509vfy.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/openssl/x509vfy.c b/src/openssl/x509vfy.c index fe51da4e..b5273a48 100644 --- a/src/openssl/x509vfy.c +++ b/src/openssl/x509vfy.c @@ -332,6 +332,10 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509* depth = X509_STORE_CTX_get_error_depth(&xsc); X509_STORE_CTX_cleanup (&xsc); + if(ret != 1 && keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN){ + ret = 1; + keyInfoCtx->flags2 |= XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN; + } if(ret == 1) { res = cert; |