Commit 0e9aa1f1a3f9de0e1e700ff3099b54dcb0473c0a
1 parent
911b4f9d
Exists in
master
and in
3 other branches
Incluindo opção de configuração para não aceitar conexões em hosts
que apresentarem certificados SSL auto assinados.
Showing
1 changed file
with
6 additions
and
0 deletions
Show diff stats
| @@ -136,7 +136,13 @@ int ssl_negotiate(H3270 *hSession) | @@ -136,7 +136,13 @@ int ssl_negotiate(H3270 *hSession) | ||
| 136 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: | 136 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: |
| 137 | peer = SSL_get_peer_certificate(hSession->ssl_con); | 137 | peer = SSL_get_peer_certificate(hSession->ssl_con); |
| 138 | trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" ); | 138 | trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" ); |
| 139 | + | ||
| 140 | +#ifdef ENABLE_SELF_SIGNED_CERT | ||
| 139 | break; | 141 | break; |
| 142 | +#else | ||
| 143 | + lib3270_disconnect(hSession); | ||
| 144 | + return -1; | ||
| 145 | +#endif // ENABLE_SELF_SIGNED_CERT | ||
| 140 | 146 | ||
| 141 | default: | 147 | default: |
| 142 | trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); | 148 | trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); |