cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Improve comments

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2017-07-06 12:16:25 +02:00
parent ee98109af5
commit 9107b5fdd3
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
library/x509_crt.c
View File

@ -2310,7 +2310,9 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
}
exit:
/* prevent misuse of the vrfy callback */
/* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by
* the SSL module for authmode optional, but non-zero return from the
* callback means a fatal error so it shouldn't be ignored */
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
ret = MBEDTLS_ERR_X509_FATAL_ERROR;

2
tests/ssl-opt.sh
View File

@ -2103,6 +2103,8 @@ run_test "Authentication: client no cert, ssl3" \
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
# default value (8)
run_test "Authentication: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
key_file=data_files/dir-maxpath/09.key" \