diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-09-26 14:03:25 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-19 09:49:45 +0200 |
| commit | 9bf790d1de691293793512a69796b65c4b7d69c0 (patch) | |
| tree | 35498dfe98cad43dc89f7ce1236aeeb6a2e2792e /lib/gnutls_priority.c | |
| parent | 81748e076ed2bbe3af9bd3c25ab5a3946968b4f5 (diff) | |
| download | gnutls-backport-new-verification-functions.tar.gz | |
Backported new verification functions for clients from 3.5.x branchbackport-new-verification-functions
The major use-case for the TLS protocol is verification of PKIX
certificates. However, certificate verification support while is
similar for almost all projects it requires around 100 lines of code
(a callback) to be duplicated to all applications. That patch
set gets rid of the callback and simplifies certificate verification
support, by introducing a very simple API; one that would accept
the session and the hostname only.
Resolves #27
Diffstat (limited to 'lib/gnutls_priority.c')
| -rw-r--r-- | lib/gnutls_priority.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index f60674c174..72c6d1e3a3 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2004-2012 Free Software Foundation, Inc. + * Copyright (C) 2004-2015 Free Software Foundation, Inc. + * Copyright (C) 2015 Red Hat, Inc. * * Author: Nikos Mavrogiannopoulos * @@ -637,6 +638,8 @@ gnutls_priority_set(gnutls_session_t session, gnutls_priority_t priority) session->internals.priorities.compression.algorithms == 0) return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET); + session->internals.additional_verify_flags |= priority->additional_verify_flags; + return 0; } |