diff options
author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2019-12-03 09:35:51 +0000 |
---|---|---|
committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2019-12-03 09:35:51 +0000 |
commit | 24dd16ddff6a284a98c1abb30dacbf23d8895f4f (patch) | |
tree | b7edc28df0c4ced40cda878575f2b360c7161786 /content | |
parent | f1e6690b25eacac268686b5ebf02a5f31ca918af (diff) | |
download | netsurf-24dd16ddff6a284a98c1abb30dacbf23d8895f4f.tar.gz netsurf-24dd16ddff6a284a98c1abb30dacbf23d8895f4f.tar.bz2 |
fetch_curl_verify_callback: Do depth update after check
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Diffstat (limited to 'content')
-rw-r--r-- | content/fetchers/curl.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c index a1d7ee190..cb09ecebd 100644 --- a/content/fetchers/curl.c +++ b/content/fetchers/curl.c @@ -662,11 +662,6 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx) depth = X509_STORE_CTX_get_error_depth(x509_ctx); fetch = X509_STORE_CTX_get_app_data(x509_ctx); - /* record the max depth */ - if (depth > fetch->cert_depth) { - fetch->cert_depth = depth; - } - /* certificate chain is excessively deep so fail verification */ if (depth >= MAX_SSL_CERTS) { X509_STORE_CTX_set_error(x509_ctx, @@ -674,6 +669,11 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx) return 0; } + /* record the max depth */ + if (depth > fetch->cert_depth) { + fetch->cert_depth = depth; + } + /* save the certificate by incrementing the reference count and * keeping a pointer. */ |