openwrt/package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch

From 87e43dd63ba429297e439f2dfd1ee8b45981e18b Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Sat, 12 Feb 2022 00:34:24 +0100
Subject: [PATCH] Reported in ZD13631

`ssl->peerVerifyRet` wasn't being cleared when retrying with an alternative cert chain

References: https://github.com/wolfSSL/wolfssl/issues/4879
---
 src/internal.c | 3 +++
 1 file changed, 3 insertions(+)

--- a/src/internal.c
+++ b/src/internal.c
@@ -12342,6 +12342,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte*
                             }
 
                             ret = 0; /* clear errors and continue */
+                    #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+                            ssl->peerVerifyRet = 0;
+                    #endif
                             args->verifyErr = 0;
                         }