* src/ne_openssl.c (ne__negotiate_ssl): Don't fail hard for SSL cert

change, invoke verify callback. git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1938 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
author: joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> 2014-09-20 18:57:01 +0000
committer: joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> 2014-09-20 18:57:01 +0000
commit: e650cb1d461f5afb8f360545b18253c68fa2548e (patch)
tree: dd9ec448db3feea7370ac361c190a3906886b6ce /test
parent: a842c6c6cdf7103d88d652c34caae4acc5c7602b (diff)
download: neon-e650cb1d461f5afb8f360545b18253c68fa2548e.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/test/ssl.c b/test/ssl.c
index 4ea40ed..12b870c 100644
--- a/test/ssl.c
+++ b/test/ssl.c
@@ -1874,6 +1874,7 @@ static int pkcs11_dsa(void)
  * only really happen if they mess with the SSL_CTX and enable
  * ADH cipher manually; but good to check the failure case is 
  * safe.
+ * -  SSL cert changes between connections; handle as normal & re-verify
  * From the SSL book:
  * - an early FIN should be returned as a possible truncation attack,
  * NOT just an NE_SOCK_CLOSED.
author	joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845>	2014-09-20 18:57:01 +0000
committer	joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845>	2014-09-20 18:57:01 +0000
commit	e650cb1d461f5afb8f360545b18253c68fa2548e (patch)
tree	dd9ec448db3feea7370ac361c190a3906886b6ce /test
parent	a842c6c6cdf7103d88d652c34caae4acc5c7602b (diff)
download	neon-e650cb1d461f5afb8f360545b18253c68fa2548e.tar.gz