diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-03-08 17:38:49 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-03-08 17:38:49 +0100 |
| commit | eefcdd8815f9629409f006a76a5710f479eca341 (patch) | |
| tree | 5c784f5f32ec9a20cfa6a75a18d4ca6d4fc2688b | |
| parent | bc49b027f7e9a2486a7c9be67e43a84cbe1b6269 (diff) | |
| download | gnutls-eefcdd8815f9629409f006a76a5710f479eca341.tar.gz | |
re-enabled certificate verification
| -rw-r--r-- | lib/x509/verify.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/x509/verify.c b/lib/x509/verify.c index 538e4aeb60..037329ee54 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -752,7 +752,8 @@ verify_crt(gnutls_x509_crt_t cert, result = 0; gnutls_assert(); goto cleanup; - } + } else if (ret == 1) + result = 1; /* Check activation/expiration times */ @@ -761,6 +762,7 @@ verify_crt(gnutls_x509_crt_t cert, if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS)) { out |= check_time(issuer, now); if (out != 0) { + gnutls_assert(); result = 0; if (output) *output |= out; @@ -769,6 +771,7 @@ verify_crt(gnutls_x509_crt_t cert, out |= check_time(cert, now); if (out != 0) { + gnutls_assert(); result = 0; if (output) *output |= out; @@ -941,6 +944,7 @@ _gnutls_x509_verify_certificate(const gnutls_x509_crt_t * certificate_list, &certificate_list[i], 1, flags, &output, NULL, now, &max_path, nc, func)) != 1) { + gnutls_assert(); status |= output; status |= GNUTLS_CERT_INVALID; goto cleanup; |