chat(): Don't send the certificate error response if the certificate hasn't been...
authorFabian Keil <fk@fabiankeil.de>
Thu, 24 Sep 2020 09:14:36 +0000 (11:14 +0200)
committerFabian Keil <fk@fabiankeil.de>
Sat, 26 Sep 2020 09:32:39 +0000 (11:32 +0200)
jcc.c

diff --git a/jcc.c b/jcc.c
index 4119e4a..b6c1c10 100644 (file)
--- a/jcc.c
+++ b/jcc.c
@@ -4118,10 +4118,12 @@ static void chat(struct client_state *csp)
       else
       {
          /*
-          * If server certificate is invalid, we must inform client and then
-          * close connection with client.
+          * If server certificate has been verified and is invalid,
+          * we must inform the client and then close the connection
+          * with client and server.
           */
-         if (csp->server_cert_verification_result != SSL_CERT_VALID)
+         if (csp->server_cert_verification_result != SSL_CERT_VALID &&
+             csp->server_cert_verification_result != SSL_CERT_NOT_VERIFIED)
          {
             ssl_send_certificate_error(csp);
             close_client_and_server_ssl_connections(csp);