romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-15 01:11:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

apple sectrust: fix ancient evaluation

Browse source 
On versions before macOS 10.14, ios 12 and watchos 5, check the
evaluation code to return the error from evaluation.

Reported-by: Stanislav Fort
Closes #20074
This commit is contained in:
Stefan Eissing 2025-12-17 12:31:39 +01:00 committed by Daniel Stenberg
parent 230ee539e6
commit f099c2ca55
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/vtls/apple.c
View file

@ -261,12 +261,17 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
if(status != noErr) {
failf(data, "Apple SecTrust verification failed: error %i", (int)status);
result = CURLE_PEER_FAILED_VERIFICATION;
}
else if((sec_result == kSecTrustResultUnspecified) ||
(sec_result == kSecTrustResultProceed)) {
/* "unspecified" means system-trusted with no explicit user setting */
result = CURLE_OK;
}
else {
/* Any other trust result is a verification failure in this context */
result = CURLE_PEER_FAILED_VERIFICATION;
}
#endif /* REQUIRES_SecTrustEvaluateWithError */
}