--- a/src/context.c Sat Nov 20 20:04:11 2010 -0800 +++ b/src/context.c Sat Nov 20 20:04:11 2010 -0800 @@ -387,6 +387,11 @@ return 1; } +int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + /** * Set the handshake verify options. */ @@ -394,18 +399,22 @@ { int i; int flag = 0; + int ignore_errors = 0; SSL_CTX *ctx = ctx_getcontext(L, 1); int max = lua_gettop(L); /* any flag? */ if (max > 1) { for (i = 2; i <= max; i++) { - if (!set_verify_flag(luaL_checkstring(L, i), &flag)) { + const char *s = luaL_checkstring(L, i); + if (!strcmp(s, "continue")) { + ignore_errors = 1; + } else if (!set_verify_flag(s, &flag)) { lua_pushboolean(L, 0); lua_pushstring(L, "invalid verify option"); return 2; } } - SSL_CTX_set_verify(ctx, flag, NULL); + SSL_CTX_set_verify(ctx, flag, ignore_errors ? verify_cb : NULL); } lua_pushboolean(L, 1); return 1;