diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-04-09 13:31:54 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-04-09 13:40:24 +0200 |
| commit | 63573ee97f331831ff7f2e490a275d422fd1e5dd (patch) | |
| tree | 778168897e77794fbd0ab2f61b78536b6f0a284c | |
| parent | 42cd76b35fbb4381dcd8edcbe540f8ebfe651bf9 (diff) | |
| download | gnutls-63573ee97f331831ff7f2e490a275d422fd1e5dd.tar.gz | |
x509 output: don't warn about insecure algorithm when unknown
| -rw-r--r-- | lib/x509/ocsp_output.c | 2 | ||||
| -rw-r--r-- | lib/x509/output.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c index 16381fe7bd..7dbd4bde9a 100644 --- a/lib/x509/ocsp_output.c +++ b/lib/x509/ocsp_output.c @@ -530,7 +530,7 @@ print_resp(gnutls_buffer_st * str, gnutls_ocsp_resp_t resp, name = _("unknown"); addf(str, _("\tSignature Algorithm: %s\n"), name); } - if (gnutls_sign_is_secure(ret) == 0) { + if (ret != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(ret) == 0) { adds(str, _("warning: signed using a broken signature " "algorithm that can be forged.\n")); diff --git a/lib/x509/output.c b/lib/x509/output.c index 29a94df867..cf72019bc2 100644 --- a/lib/x509/output.c +++ b/lib/x509/output.c @@ -1453,7 +1453,7 @@ print_cert(gnutls_buffer_st * str, gnutls_x509_crt_t cert, name = _("unknown"); addf(str, _("\tSignature Algorithm: %s\n"), name); } - if (gnutls_sign_is_secure(err) == 0) { + if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) { adds(str, _("warning: signed using a broken signature " "algorithm that can be forged.\n")); @@ -2095,7 +2095,7 @@ print_crl(gnutls_buffer_st * str, gnutls_x509_crl_t crl, int notsigned) name = _("unknown"); addf(str, _("\tSignature Algorithm: %s\n"), name); } - if (gnutls_sign_is_secure(err) == 0) { + if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) { adds(str, _("warning: signed using a broken signature " "algorithm that can be forged.\n")); |