diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-10-23 12:27:53 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-10-23 12:27:53 +0200 |
commit | 120b18ef38a3830fc0cba0f200831596d13ac095 (patch) | |
tree | b34c041f560f60c05790397102a3e842aeecb4aa | |
parent | 650e75e1a2d9d4ff4950da5044ac852821d9b8ad (diff) | |
download | gnutls-120b18ef38a3830fc0cba0f200831596d13ac095.tar.gz |
corrected dane doc
-rw-r--r-- | NEWS | 8 | ||||
-rw-r--r-- | libdane/dane.c | 4 |
2 files changed, 10 insertions, 2 deletions
@@ -9,6 +9,14 @@ See the end for copying conditions. ** certtool: pathlen constraint is now read correctly. Reported by Christoph Seitz. +** libdane: Added interfaces to allow initialization of dane_query_t from +external DNS resolutions, and to allow direct verification of a certificate +chain against a dane_query_t. Contributed by Christian Grothoff. + +** libdane: Fixed a buffer overflow in dane_query_tlsa(). This could be +triggered by a DNS server supplying more than 4 DANE records. Report and fix +by Christian Grothoff. + ** API and ABI modifications: dane_verify_crt_raw: Added dane_raw_tlsa: Added diff --git a/libdane/dane.c b/libdane/dane.c index 01872b519c..4c1dcd11ab 100644 --- a/libdane/dane.c +++ b/libdane/dane.c @@ -246,9 +246,9 @@ void dane_query_deinit(dane_query_t q) * caller must guarantee that the referenced data remains * valid until dane_query_deinit() is called. * @dane_data_len: the length n bytes of the dane_data items - * @param secure true if the result is validated securely, false if + * @secure: true if the result is validated securely, false if * validation failed or the domain queried has no security info - * @param bogus if the result was not secure (secure = 0) due to a security failure, + * @bogus: if the result was not secure (secure = 0) due to a security failure, * and the result is due to a security failure, bogus is true. * * |