diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-09-26 14:03:25 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-19 09:49:45 +0200 |
| commit | 9bf790d1de691293793512a69796b65c4b7d69c0 (patch) | |
| tree | 35498dfe98cad43dc89f7ce1236aeeb6a2e2792e /lib/gnutls_x509.c | |
| parent | 81748e076ed2bbe3af9bd3c25ab5a3946968b4f5 (diff) | |
| download | gnutls-backport-new-verification-functions.tar.gz | |
Backported new verification functions for clients from 3.5.x branchbackport-new-verification-functions
The major use-case for the TLS protocol is verification of PKIX
certificates. However, certificate verification support while is
similar for almost all projects it requires around 100 lines of code
(a callback) to be duplicated to all applications. That patch
set gets rid of the callback and simplifies certificate verification
support, by introducing a very simple API; one that would accept
the session and the hostname only.
Resolves #27
Diffstat (limited to 'lib/gnutls_x509.c')
| -rw-r--r-- | lib/gnutls_x509.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index 22dea94fdf..648a0b9e5a 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -224,8 +224,7 @@ _gnutls_x509_cert_verify_peers(gnutls_session_t session, } verify_flags = - cred->verify_flags | session->internals.priorities. - additional_verify_flags; + cred->verify_flags | session->internals.additional_verify_flags; /* generate a list of gnutls_certs based on the auth info * raw certs. */ |