kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clarify use of |SSL_VERIFY_FAIL_IF_NO_PEER_CERT| flag.

Browse Source 
Change-Id: I819a5b565e4380f3d816a2e4a68572935c612eae
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Reviewed-on: https://boringssl-review.googlesource.com/17564
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
Piotr Sikora 2017-07-04 06:10:37 -07:00 committed by CQ bot account: commit-bot@chromium.org
parent a93bc1124c
commit 06a6ed0170
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/openssl/ssl.h
View File

@ -2167,8 +2167,8 @@ OPENSSL_EXPORT const char *SSL_get_curve_name(uint16_t curve_id);
#define SSL_VERIFY_PEER 0x01
/* SSL_VERIFY_FAIL_IF_NO_PEER_CERT configures a server to reject connections if
* the client declines to send a certificate. Otherwise |SSL_VERIFY_PEER| still
* allows anonymous clients. */
* the client declines to send a certificate. This flag must be used together
* with |SSL_VERIFY_PEER|, otherwise it won't work. */
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
/* SSL_VERIFY_PEER_IF_NO_OBC configures a server to request a client certificate