diff options
author | Simon Josefsson <simon@josefsson.org> | 2006-12-27 08:54:43 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2006-12-27 08:54:43 +0000 |
commit | 903e0f51a9a51ddf0cb76bdfccf8ae5bc4e01793 (patch) | |
tree | 40d69ae8861abca8e6965c7b44b5aa995c195c2c | |
parent | 3551be22b91f10f7b30251ad0545babb8d47f4e1 (diff) | |
download | gnutls-903e0f51a9a51ddf0cb76bdfccf8ae5bc4e01793.tar.gz |
(generate_rdn_seq): Store subject DN instead of issuer DN in the
certificate authority list, to make sure server's send the proper list
of expected CAs to the client. Reported by Max Kellermann
<max@duempel.org>.
-rw-r--r-- | lib/gnutls_x509.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index 5f4b3f2190..e180535588 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -990,8 +990,7 @@ generate_rdn_seq (gnutls_certificate_credentials_t res) for (i = 0; i < res->x509_ncas; i++) { if ((ret = - _gnutls_x509_crt_get_raw_issuer_dn (res->x509_ca_list[i], - &tmp)) < 0) + _gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) { gnutls_assert (); return ret; @@ -1016,8 +1015,7 @@ generate_rdn_seq (gnutls_certificate_credentials_t res) for (i = 0; i < res->x509_ncas; i++) { if ((ret = - _gnutls_x509_crt_get_raw_issuer_dn (res->x509_ca_list[i], - &tmp)) < 0) + _gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) { _gnutls_free_datum (&res->x509_rdn_sequence); gnutls_assert (); |