diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-02-22 18:31:05 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-02-22 18:31:05 +0000 |
| commit | 687ee1abc1b7d50d2e15f21e835dc1737120efb1 (patch) | |
| tree | a1602c3c541bd3a7baeaf3b339c091c2233e431a /lib/gnutls_x509.c | |
| parent | f251995312be18c752f69801d3f037cac5c024fc (diff) | |
| download | gnutls-687ee1abc1b7d50d2e15f21e835dc1737120efb1.tar.gz | |
Changed certificate verification functions.
Diffstat (limited to 'lib/gnutls_x509.c')
| -rw-r--r-- | lib/gnutls_x509.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index 6cb3634220..327502579e 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -762,7 +762,7 @@ int _gnutls_x509_cert_verify_peers(GNUTLS_STATE state) if (verify < 0) { gnutls_assert(); - return GNUTLS_CERT_INVALID; + return verify; } @@ -781,9 +781,13 @@ int _gnutls_x509_cert_verify_peers(GNUTLS_STATE state) * @CRL_list_length: not used * * This function will try to verify the given certificate list and return it's status (TRUSTED, EXPIRED etc.). - * The return value (status) should be one of the CertificateStatus enumerated elements. + * The return value (status) should be one or more of the CertificateStatus + * enumerated elements bitwise or'd. + * * However you must also check the peer's name in order to check if the verified certificate belongs to the - * actual peer. Returns a negative error code in case of an error. + * actual peer. + * + * Returns a negative error code in case of an error. * **/ int gnutls_x509_verify_certificate( const gnutls_datum* cert_list, int cert_list_length, const gnutls_datum * CA_list, int CA_list_length, const gnutls_datum* CRL_list, int CRL_list_length) @@ -861,7 +865,7 @@ int gnutls_x509_verify_certificate( const gnutls_datum* cert_list, int cert_list if (verify < 0) { gnutls_assert(); - return GNUTLS_CERT_INVALID; + return verify; } return verify; |