From 565f2c39c51af3c05dfc25362dca83d32187430d Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 7 Oct 2012 12:10:59 +0200
Subject: Bug fixes in DANE.

Corrected packet length parsing and removed the verify
options DANE_VERIFY_DNSSEC_DATA_INVALID and DANE_VERIFY_NO_DNSSEC_DATA.
There is longer use for them since using the DANE API requires DNSSEC.
---
 libdane/includes/gnutls/dane.h | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'libdane/includes')

diff --git a/libdane/includes/gnutls/dane.h b/libdane/includes/gnutls/dane.h
index 9a3a5e8c43..366d10a980 100644
--- a/libdane/includes/gnutls/dane.h
+++ b/libdane/includes/gnutls/dane.h
@@ -107,8 +107,6 @@ unsigned int dane_query_entries(dane_query_t q);
  * @DANE_VERIFY_CA_CONSTRAINS_VIOLATED: The CA constrains was violated.
  * @DANE_VERIFY_CERT_DIFFERS: The certificate obtained via DNS differs.
  * @DANE_VERIFY_NO_DANE_INFO: No DANE data were found in the DNS record.
- * @DANE_VERIFY_DNSSEC_DATA_INVALID: The DNSSEC data are invalid.
- * @DANE_VERIFY_NO_DNSSEC_DATA: The DNS data were not signed using DNSSEC.
  *
  * Enumeration of different verification status flags.
  */
@@ -117,8 +115,6 @@ typedef enum dane_verify_status_t
   DANE_VERIFY_CA_CONSTRAINS_VIOLATED = 1,
   DANE_VERIFY_CERT_DIFFERS = 1<<1,
   DANE_VERIFY_NO_DANE_INFO = 1<<2,
-  DANE_VERIFY_DNSSEC_DATA_INVALID = 1<<3,
-  DANE_VERIFY_NO_DNSSEC_DATA = 1<<4,
 } dane_verify_status_t;
 
 /**
-- 
cgit v1.2.1