public_key: Allow verify_fun to alter expire reason

This allows applications to distinguish between a trusted anchor cert
expiration and a normal cert expiration

1 files changed, 6 insertions, 6 deletions

diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 44031af11b..23883b6a39 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -1110,18 +1110,18 @@ pkix_path_validation(TrustedCert, CertChain, Options)
 pkix_path_validation(#'OTPCertificate'{} = TrustedCert, CertChain, Options)
   when is_list(CertChain), is_list(Options) ->
     MaxPathDefault = length(CertChain),
-    {VerifyFun, Userstat0} =
+    {VerifyFun, UserState0} =
 	proplists:get_value(verify_fun, Options, ?DEFAULT_VERIFYFUN),
-    try pubkey_cert:validate_time(TrustedCert, Userstat0, VerifyFun) of
-        Userstate1 -> 
+    try pubkey_cert:validate_time(TrustedCert, UserState0, VerifyFun) of
+        UserState1 -> 
             ValidationState = pubkey_cert:init_validation_state(TrustedCert, 
                                                                 MaxPathDefault, 
-                                                                [{verify_fun, {VerifyFun, Userstate1}} | 
+                                                                [{verify_fun, {VerifyFun, UserState1}} | 
                                                                  proplists:delete(verify_fun, Options)]),
             path_validation(CertChain, ValidationState)
     catch
-        throw:{bad_cert, cert_expired} = Reason ->
-            {error, Reason}    
+        throw:{bad_cert, _} = Result ->
+            {error, Result}
     end.
 
 %--------------------------------------------------------------------