aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/vtls/mbedtls.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 6a20e276e..ec1c13d95 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -583,14 +583,16 @@ mbed_connect_step2(struct connectdata *conn,
return CURLE_PEER_FAILED_VERIFICATION;
}
- if(ret & MBEDTLS_X509_BADCERT_CN_MISMATCH)
- failf(data, "Cert verify failed: BADCERT_CN_MISMATCH");
-
if(ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED)
failf(data, "Cert verify failed: BADCERT_NOT_TRUSTED");
return CURLE_PEER_FAILED_VERIFICATION;
}
+ if(ret && SSL_CONN_CONFIG(verifyhost)) {
+ if(ret & MBEDTLS_X509_BADCERT_CN_MISMATCH)
+ failf(data, "Cert verify failed: BADCERT_CN_MISMATCH");
+ return CURLE_PEER_FAILED_VERIFICATION;
+ }
peercert = mbedtls_ssl_get_peer_cert(&BACKEND->ssl);
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 06:14:37 +0000