package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch

   1 From 87e43dd63ba429297e439f2dfd1ee8b45981e18b Mon Sep 17 00:00:00 2001
   2 From: Juliusz Sosinowicz <juliusz@wolfssl.com>
   3 Date: Sat, 12 Feb 2022 00:34:24 +0100
   4 Subject: [PATCH] Reported in ZD13631
   5
   6 `ssl->peerVerifyRet` wasn't being cleared when retrying with an alternative cert chain
   7
   8 References: https://github.com/wolfSSL/wolfssl/issues/4879
   9 ---
  10  src/internal.c | 3 +++
  11  1 file changed, 3 insertions(+)
  12
  13 --- a/src/internal.c
  14 +++ b/src/internal.c
  15 @@ -12342,6 +12342,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte*
  16                              }
  17
  18                              ret = 0; /* clear errors and continue */
  19 +                    #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
  20 +                            ssl->peerVerifyRet = 0;
  21 +                    #endif
  22                              args->verifyErr = 0;
  23                          }
  24