Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-06 16:48:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

OpenSSL 3: normalize self-signed-cert error message

Browse source 
The message changed between OpenSSL 1.1 and 3.0 - we just use the old
one to not mess up the external test baselines.
This commit is contained in:
Johanna Amann 2021-11-17 17:21:21 +00:00
parent 0dc8dfacb7
commit ff0bc86021
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/file_analysis/analyzer/x509/functions.bif
View file

@ -628,7 +628,12 @@ function x509_verify%(certs: x509_opaque_vector, root_certs: table_string_of_str
x509_verify_chainerror:
auto rrecord = x509_result_record(X509_STORE_CTX_get_error(csc), X509_verify_cert_error_string(X509_STORE_CTX_get_error(csc)), std::move(chainVector));
auto error_string = X509_verify_cert_error_string(X509_STORE_CTX_get_error(csc));
// this string representation changed between OpenSSL 1 and 3 and messes up our test baselines.
if ( X509_STORE_CTX_get_error(csc) == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT )
error_string = "self signed certificate";
auto rrecord = x509_result_record(X509_STORE_CTX_get_error(csc), error_string, std::move(chainVector));
X509_STORE_CTX_cleanup(csc);
X509_STORE_CTX_free(csc);