summaryrefslogtreecommitdiff
path: root/lib/libssl/tls13_server.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/tls13_server.c')
-rw-r--r--lib/libssl/tls13_server.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c
index 1c8644ab27a..549383e3313 100644
--- a/lib/libssl/tls13_server.c
+++ b/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.64 2020/12/14 15:26:36 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.65 2021/01/05 17:14:46 jsing Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -639,6 +639,8 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
goto err;
if (!X509_STORE_CTX_init(xsc, s->ctx->cert_store, cpk->x509, NULL))
goto err;
+ X509_VERIFY_PARAM_set_flags(X509_STORE_CTX_get0_param(xsc),
+ X509_V_FLAG_LEGACY_VERIFY);
X509_verify_cert(xsc);
ERR_clear_error();
chain = xsc->chain;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 23:09:42 +0000