Commit 0e9aa1f1a3f9de0e1e700ff3099b54dcb0473c0a
1 parent
911b4f9d
Exists in
master
and in
3 other branches
Incluindo opção de configuração para não aceitar conexões em hosts
que apresentarem certificados SSL auto assinados.
Showing
1 changed file
with
6 additions
and
0 deletions
Show diff stats
... | ... | @@ -136,7 +136,13 @@ int ssl_negotiate(H3270 *hSession) |
136 | 136 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: |
137 | 137 | peer = SSL_get_peer_certificate(hSession->ssl_con); |
138 | 138 | trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" ); |
139 | + | |
140 | +#ifdef ENABLE_SELF_SIGNED_CERT | |
139 | 141 | break; |
142 | +#else | |
143 | + lib3270_disconnect(hSession); | |
144 | + return -1; | |
145 | +#endif // ENABLE_SELF_SIGNED_CERT | |
140 | 146 | |
141 | 147 | default: |
142 | 148 | trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); | ... | ... |