Backported new verification functions for clients from 3.5.x branchbackport-new-verification-functions

The major use-case for the TLS protocol is verification of PKIX certificates. However, certificate verification support while is similar for almost all projects it requires around 100 lines of code (a callback) to be duplicated to all applications. That patch set gets rid of the callback and simplifies certificate verification support, by introducing a very simple API; one that would accept the session and the hostname only. Resolves #27
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2015-09-26 14:03:25 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-05-19 09:49:45 +0200
commit: 9bf790d1de691293793512a69796b65c4b7d69c0 (patch)
tree: 35498dfe98cad43dc89f7ce1236aeeb6a2e2792e /lib/gnutls_handshake.c
parent: 81748e076ed2bbe3af9bd3c25ab5a3946968b4f5 (diff)
download: gnutls-backport-new-verification-functions.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index d8cc93ce15..d28f543345 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -2530,6 +2530,8 @@ int gnutls_handshake(gnutls_session_t session)
 		session->internals.handshake_in_progress = 1;
 
 		gettime(&session->internals.dtls.handshake_start_time);
+		session->internals.vc_status = -1;
+
 		if (session->internals.handshake_timeout_ms &&
 		    session->internals.handshake_endtime == 0)
 			    session->internals.handshake_endtime = session->internals.dtls.handshake_start_time.tv_sec +
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2015-09-26 14:03:25 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-05-19 09:49:45 +0200
commit	9bf790d1de691293793512a69796b65c4b7d69c0 (patch)
tree	35498dfe98cad43dc89f7ce1236aeeb6a2e2792e /lib/gnutls_handshake.c
parent	81748e076ed2bbe3af9bd3c25ab5a3946968b4f5 (diff)
download	gnutls-backport-new-verification-functions.tar.gz