Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //<3 quarky
- //OLD function
- int SSL_verify_cb(int preverify_ok, X509_STORE_CTX *ctx) {
- if (preverify_ok) return preverify_ok;
- int error = X509_STORE_CTX_get_error(ctx);
- if (error == X509_V_ERR_CRL_NOT_YET_VALID ||
- error == X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD ||
- error == X509_V_ERR_CRL_HAS_EXPIRED ||
- error == X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD) {
- SSL* ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
- if (!ssl) return 0;
- return !!(ssl->verify_mode & 8);
- }
- return 0;
- }
- //NEW function - 2021-03-02
- int SSL_verify_cb(int preverify_ok, X509_STORE_CTX *ctx) {
- if (preverify_ok) return preverify_ok;
- int error = X509_STORE_CTX_get_error(ctx);
- if (error == X509_V_ERR_CRL_NOT_YET_VALID ||
- error == X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD ||
- error == X509_V_ERR_CRL_HAS_EXPIRED ||
- error == X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD) {
- SSL* ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
- if (!ssl) return 0;
- return !!(ssl->verify_mode & 8);
- }
- if (error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) {
- if (!ctx->chain) return 0;
- int chain_size = sk_num(ctx->chain);
- if (chain_size < 1) return 0;
- for (int i = 1; i < chain_size; i++) {
- X509* subject = sk_value(ctx->chain, i);
- X509_NAME* issuer_name = X509_get_issuer_name(subject);
- if (!issuer_name) return 0;
- STACK_OF(X509)* certs = X509_STORE_get1_certs(ctx, issuer_name);
- int certs_size = sk_num(certs);
- for (int j = 0; j < certs_size; j++) {
- X509* issuer = sk_value(certs, j);
- if (!issuer) continue;
- if (X509_check_issued(issuer, subject) == X509_V_OK) {
- ctx->field_0x88 = 1;
- ctx->error = 0;
- break;
- }
- }
- if (certs) sk_pop_free(certs, FUN_e102f718);
- if (ctx->field_0x88 == 1) return 1;
- }
- return 0;
- }
- if (error == X509_V_ERR_CERT_UNTRUSTED && ctx->field_0x88 == 1) {
- ctx->error = 0;
- ctx->field_0x88 = 0;
- return 1;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement