I wrote: > When I added the second condition to the first if statement, I was > assuming that the default for auth.verify_depth is UNSET as well. > However, it's initialized to "1" (i.e. SSL_CVERIFY_OPTIONAL) ^^^^^^^^^^^^^^^^^^^^ Wrong, of course - this macro applies to verify_*mode* (not verify_depth).
> Oden, if you change the line > > (sc->server->auth.verify_depth != UNSET)) { > to > (sc->server->auth.verify_depth != SSL_CVERIFY_OPTIONAL)) { Sorry, should consequently be changed to (sc->server->auth.verify_depth != 1)) { Kaspar