diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-01 08:40:13 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-01 16:43:42 +0100 |
commit | 93486c97a9ba588e1b6eaec9918b7f4bf425d442 (patch) | |
tree | 7ad7392947abaeec4d02a16d105d4a8f589c855a /lib/x509/verify.c | |
parent | 78a03dd782c07e8d9ee35ffc584097f75f246e88 (diff) | |
download | gnutls-93486c97a9ba588e1b6eaec9918b7f4bf425d442.tar.gz |
gnutls_x509_crl_verify: always return zero on success
Also document that in previous versions a positive number could
be returned on success. Reported by Adrien Beraud.
Diffstat (limited to 'lib/x509/verify.c')
-rw-r--r-- | lib/x509/verify.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/x509/verify.c b/lib/x509/verify.c index ecd2369b1c..e645c58bb1 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -1377,7 +1377,10 @@ find_crl_issuer(gnutls_x509_crl_t crl, * function is success (i.e, failure to trust a CRL a certificate does not imply * a negative return value). * - * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a + * Before GnuTLS 3.5.7 this function would return zero or a positive + * number on success. + * + * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a * negative error value. **/ int @@ -1483,6 +1486,8 @@ gnutls_x509_crl_verify(gnutls_x509_crl_t crl, if (verify) *verify |= GNUTLS_CERT_INVALID; goto cleanup; + } else if (result >= 0) { + result = 0; /* everything ok */ } } |