axtls_connect: allow connect without peer verification The SSL_SERVER_VERIFY_LATER bit in the ssl_ctx_new() call allows the code to verify the peer certificate explicitly after the handshake and then the "data->set.ssl.verifypeer" option works.

commit: c75a9fef592a412de707b45ea1a6f814cf65a23f [log] [tgz]
author: Daniel Stenberg <daniel@haxx.se> Wed Dec 15 11:11:20 2010 +0100
committer: Daniel Stenberg <daniel@haxx.se> Wed Dec 15 16:05:17 2010 +0100
tree: 2dfa797269252f84289c02161d1bfaaa80cb33b3
parent: 9035709e25232b0a256684626405e0d0b4c15099 [diff]
diff --git a/lib/axtls.c b/lib/axtls.c
index 855b554..152de6f 100644
--- a/lib/axtls.c
+++ b/lib/axtls.c

@@ -156,7 +156,7 @@
   const char *x509;
 
   /* Assuming users will not compile in custom key/cert to axTLS */
-  uint32_t client_option = SSL_NO_DEFAULT_KEY;
+  uint32_t client_option = SSL_NO_DEFAULT_KEY|SSL_SERVER_VERIFY_LATER;
 
   if(conn->ssl[sockindex].state == ssl_connection_complete)
     /* to make us tolerant against being called more than once for the
commit	c75a9fef592a412de707b45ea1a6f814cf65a23f	[log] [tgz]
author	Daniel Stenberg <daniel@haxx.se>	Wed Dec 15 11:11:20 2010 +0100
committer	Daniel Stenberg <daniel@haxx.se>	Wed Dec 15 16:05:17 2010 +0100
tree	2dfa797269252f84289c02161d1bfaaa80cb33b3
parent	9035709e25232b0a256684626405e0d0b4c15099 [diff]