[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-83-ge7b65df
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-83-ge7b65df |
|
Date: |
Sun, 16 Sep 2012 20:53:16 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e7b65df28abd19bd9a2e8de11d7b1c9ead9c5fcf
The branch, master has been updated
via e7b65df28abd19bd9a2e8de11d7b1c9ead9c5fcf (commit)
from 70a3f32d55f7cd5ba14fef3ff3e545b478916316 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e7b65df28abd19bd9a2e8de11d7b1c9ead9c5fcf
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 16 22:50:09 2012 +0200
removed a now redundant chain check
-----------------------------------------------------------------------
Summary of changes:
lib/x509/verify-high.c | 19 +++----------------
1 files changed, 3 insertions(+), 16 deletions(-)
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
index a4f883f..d8addba 100644
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -355,18 +355,6 @@ static int shorten_clist(gnutls_x509_trust_list_t list,
uint32_t hash;
gnutls_datum_t dn;
- /* Start by truncating any disjoint list of certificates. For
- * example, if the server presented a chain A->B->C->X->Y->Z
- * where X is *not* actually the issuer of C, truncate at C.
- */
- for(i=1;i<clist_size;i++) {
- if (!gnutls_x509_crt_check_issuer(certificate_list[i-1],
- certificate_list[i])) {
- gnutls_assert();
- clist_size = i;
- }
- }
-
if (clist_size > 1) {
/* Check if the last certificate in the path is self signed.
* In that case ignore it (a certificate is trusted only if it
@@ -440,10 +428,9 @@ static gnutls_x509_crt_t* sort_clist(gnutls_x509_crt_t
sorted[MAX_CERTS_TO_SORT]
for (i=0;i<MAX_CERTS_TO_SORT;i++)
issuer[i] = -1;
- /* Start by truncating any disjoint list of certificates. For
- * example, if the server presented a chain A->B->C->X->Y->Z
- * where X is *not* actually the issuer of C, truncate at C.
- */
+ /* Find the issuer of each certificate and store it
+ * in issuer array.
+ */
for(i=0;i<*clist_size;i++)
{
for (j=1;j<*clist_size;j++)
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-83-ge7b65df,
Nikos Mavrogiannopoulos <=