Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 245850 | Differences between
and this patch

Collapse All | Expand All

(-)gnutls-2.4.1/lib/x509/verify.c.orig (-11 / +11 lines)
Lines 376-381 Link Here
376
  int i = 0, ret;
376
  int i = 0, ret;
377
  unsigned int status = 0, output;
377
  unsigned int status = 0, output;
378
378
379
  /* Check if the last certificate in the path is self signed.
380
   * In that case ignore it (a certificate is trusted only if it
381
   * leads to a trusted party by us, not the server's).
382
   */
383
  if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
384
                                   certificate_list[clist_size - 1]) > 0
385
      && clist_size > 0)
386
    {
387
      clist_size--;
388
    }
389
379
  /* Verify the last certificate in the certificate path
390
  /* Verify the last certificate in the certificate path
380
   * against the trusted CA certificate list.
391
   * against the trusted CA certificate list.
381
   *
392
   *
Lines 414-430 Link Here
414
    }
425
    }
415
#endif
426
#endif
416
427
417
  /* Check if the last certificate in the path is self signed.
418
   * In that case ignore it (a certificate is trusted only if it
419
   * leads to a trusted party by us, not the server's).
420
   */
421
  if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
422
				    certificate_list[clist_size - 1]) > 0
423
      && clist_size > 0)
424
    {
425
      clist_size--;
426
    }
427
428
  /* Verify the certificate path (chain) 
428
  /* Verify the certificate path (chain) 
429
   */
429
   */
430
  for (i = clist_size - 1; i > 0; i--)
430
  for (i = clist_size - 1; i > 0; i--)

Return to bug 245850