gnutls-cli: Allow verification using V1 CAs.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-08 17:28:01 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-08 17:28:01 +0200
commit: 301635adbc64b76c3bf998ba3a471750c49222c8 (patch)
tree: 4c14d34d9bc6eaacecba5d4567b6bfc06fd2be18
parent: e3617dd08019470a7c225e01c14bedd2ada7e52a (diff)
download: gnutls-301635adbc64b76c3bf998ba3a471750c49222c8.tar.gz
2 files changed, 3 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 4c4a6a9d77..3aca5aac3a 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ See the end for copying conditions.
 
 * Version 2.10.1 (unreleased)
 
+** gnutls-cli: Allow verification using V1 CAs.
+
 ** libgnutls: Correctly deinitialize crypto API functions to prevent
 a memory leak. Reported by Mads Kiilerich.
 
diff --git a/src/cli.c b/src/cli.c
index 6b08beab75..5a205ff473 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -512,6 +512,7 @@ init_tls_session (const char *hostname)
 
   gnutls_certificate_client_set_retrieve_function (xcred, cert_callback);
   gnutls_certificate_set_verify_function (xcred, cert_verify_callback);
+  gnutls_certificate_set_verify_flags(xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
 
   /* send the fingerprint */
 #ifdef ENABLE_OPENPGP
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-08 17:28:01 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-08 17:28:01 +0200
commit	301635adbc64b76c3bf998ba3a471750c49222c8 (patch)
tree	4c14d34d9bc6eaacecba5d4567b6bfc06fd2be18
parent	e3617dd08019470a7c225e01c14bedd2ada7e52a (diff)
download	gnutls-301635adbc64b76c3bf998ba3a471750c49222c8.tar.gz