MatrixSSL 3.9.1

2017-03-21 10:14:44 +02:00
parent 7c741e9005
commit e05dfbf650
96 changed files with 7526 additions and 5559 deletions
--- a/matrixssl/hsDecode.c
+++ b/matrixssl/hsDecode.c
@@ -3406,6 +3406,7 @@ SKIP_CERT_CHAIN_INIT:
        if ((parseLen = psX509ParseCert(ssl->hsPool, c, certLen, &cert, certFlags))
            < 0)
        {
+            psTraceInfo("Parsing of the peer certificate failed\n");
            psX509FreeCert(cert);
            if (parseLen == PS_MEM_FAIL)
            {
@@ -3426,7 +3427,7 @@ SKIP_CERT_CHAIN_INIT:
           trusted due to missing Basic Constraints, etc. */
        if (cert->version != 2)
        {
-            psX509FreeCert(cert);
+            psTraceInfo("Version 1 peer certificates not allowed\n");
            ssl->err = SSL_ALERT_BAD_CERTIFICATE;
        }
 #  endif /* ALLOW_VERSION_1_ROOT_CERT_PARSE */